Details of VAR-201803-1611

ID

VAR-201803-1611

CVE

CVE-2018-0195

TITLE

Cisco IOS XE Software authentication vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2018-003397

DESCRIPTION

A vulnerability in the Cisco IOS XE Software REST API could allow an authenticated, remote attacker to bypass API authorization checks and use the API to perform privileged actions on an affected device. The vulnerability is due to insufficient authorization checks for requests that are sent to the REST API of the affected software. An attacker could exploit this vulnerability by sending a malicious request to an affected device via the REST API. A successful exploit could allow the attacker to selectively bypass authorization checks for the REST API of the affected software and use the API to perform privileged actions on an affected device. Cisco Bug IDs: CSCuz56428. Cisco IOS XE There is an authentication vulnerability in the software. Vendors have confirmed this vulnerability Bug ID CSCuz56428 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco IOSXESoftware is a set of operating systems developed by Cisco for its network devices. RESTAPI is one of the APIs that support lightweight RESTful web scripts. Attackers can exploit this issue to gain unauthorized access and gain elevated privileges. This may aid in further attacks. REST API is one of the real-time communication APIs

Trust: 2.52

sources: NVD: CVE-2018-0195 // JVNDB: JVNDB-2018-003397 // CNVD: CNVD-2018-08478 // BID: 103557 // VULHUB: VHN-118397

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-08478

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 1.4
vendor:	cisco	model:	ios xe	scope:	lt	version:	16.2.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.1.2	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.1.1	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.3.0t	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.2.3	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.2.1	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.1.0	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.3.0	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.3.1	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.2.2	Trust: 0.6
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	16.2	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	16.1.2	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	16.3(0)	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	16.4.1	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	16.3.1	Trust: 0.3
vendor:	cisco	model:	ios everest-16.4.1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	16.4(0.54)	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	16.3(0.225)	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	16.2(1.31)	Trust: 0.3

sources: CNVD: CNVD-2018-08478 // BID: 103557 // JVNDB: JVNDB-2018-003397 // CNNVD: CNNVD-201803-1004 // NVD: CVE-2018-0195

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0195
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0195
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-08478
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201803-1004
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118397
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-0195
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-08478
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118397
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0195
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-08478 // VULHUB: VHN-118397 // JVNDB: JVNDB-2018-003397 // CNNVD: CNNVD-201803-1004 // NVD: CVE-2018-0195

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.9

sources: VULHUB: VHN-118397 // JVNDB: JVNDB-2018-003397 // NVD: CVE-2018-0195

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-1004

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201803-1004

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-003397

PATCH

title:	cisco-sa-20180328-rest	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-rest	Trust: 0.8
title:	Patch for Cisco IOSXESoftwareRESTAPI Authorization Issue Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/127459	Trust: 0.6
title:	Cisco IOS XE Software REST API Remediation measures for authorization problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79472	Trust: 0.6

sources: CNVD: CNVD-2018-08478 // JVNDB: JVNDB-2018-003397 // CNNVD: CNNVD-201803-1004

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0195	Trust: 3.4
db:	BID	id:	103557	Trust: 2.0
db:	JVNDB	id:	JVNDB-2018-003397	Trust: 0.8
db:	CNNVD	id:	CNNVD-201803-1004	Trust: 0.7
db:	CNVD	id:	CNVD-2018-08478	Trust: 0.6
db:	VULHUB	id:	VHN-118397	Trust: 0.1

sources: CNVD: CNVD-2018-08478 // VULHUB: VHN-118397 // BID: 103557 // JVNDB: JVNDB-2018-003397 // CNNVD: CNNVD-201803-1004 // NVD: CVE-2018-0195

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180328-rest	Trust: 2.0
url:	http://www.securityfocus.com/bid/103557	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0195	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0195	Trust: 0.8
url:	https://bst.cloudapps.cisco.com/bugsearch/bug/cscuz56428	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2018-08478 // VULHUB: VHN-118397 // BID: 103557 // JVNDB: JVNDB-2018-003397 // CNNVD: CNNVD-201803-1004 // NVD: CVE-2018-0195

CREDITS

Cisco

Trust: 0.3

sources: BID: 103557

SOURCES

db:	CNVD	id:	CNVD-2018-08478
db:	VULHUB	id:	VHN-118397
db:	BID	id:	103557
db:	JVNDB	id:	JVNDB-2018-003397
db:	CNNVD	id:	CNNVD-201803-1004
db:	NVD	id:	CVE-2018-0195

LAST UPDATE DATE

2024-11-23T22:45:25.060000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-08478	date:	2018-04-26T00:00:00
db:	VULHUB	id:	VHN-118397	date:	2019-10-09T00:00:00
db:	BID	id:	103557	date:	2018-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-003397	date:	2018-05-23T00:00:00
db:	CNNVD	id:	CNNVD-201803-1004	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0195	date:	2024-11-21T03:37:42.277

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-08478	date:	2018-04-26T00:00:00
db:	VULHUB	id:	VHN-118397	date:	2018-03-28T00:00:00
db:	BID	id:	103557	date:	2018-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-003397	date:	2018-05-23T00:00:00
db:	CNNVD	id:	CNNVD-201803-1004	date:	2018-03-29T00:00:00
db:	NVD	id:	CVE-2018-0195	date:	2018-03-28T22:29:02.157