Details of VAR-201810-0563

ID

VAR-201810-0563

CVE

CVE-2018-15371

TITLE

Cisco IOS XE Software access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-011569

DESCRIPTION

A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by requesting access to the root shell of an affected device, after the shell access feature has been enabled. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device. Cisco IOS XE There is an access control vulnerability in the software.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco 4000 Series Integrated Services Routers and so on are all different types of router products from Cisco. IOSXESoftware is an operating system developed by one of the Cisco companies for its network devices. Cisco IOS XE Software is prone to a local authentication-bypass vulnerability. This may lead to further attacks. This issue being tracked by Cisco Bug ID CSCvb79289

Trust: 2.52

sources: NVD: CVE-2018-15371 // JVNDB: JVNDB-2018-011569 // CNVD: CNVD-2018-21255 // BID: 105949 // VULHUB: VHN-125624

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-21255

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3\(1\)	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asr series aggregation services routers	scope:	eq	version:	900	Trust: 0.6
vendor:	cisco	model:	series integrated services routers	scope:	eq	version:	4000	Trust: 0.6
vendor:	cisco	model:	asr series aggregation services routers	scope:	eq	version:	1000	Trust: 0.6
vendor:	cisco	model:	cloud services router series	scope:	eq	version:	1000v	Trust: 0.6
vendor:	cisco	model:	integrated services virtual router	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	integrated services virtual router	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	cloud services router series	scope:	eq	version:	1000v0	Trust: 0.3
vendor:	cisco	model:	asr series aggregation services routers	scope:	eq	version:	90000	Trust: 0.3
vendor:	cisco	model:	asr series aggregation services routers	scope:	eq	version:	10000	Trust: 0.3
vendor:	cisco	model:	series integrated services routers	scope:	eq	version:	40000	Trust: 0.3

sources: CNVD: CNVD-2018-21255 // BID: 105949 // JVNDB: JVNDB-2018-011569 // CNNVD: CNNVD-201809-1261 // NVD: CVE-2018-15371

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-15371
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-15371
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2018-21255
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201809-1261
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-125624
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-15371
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-21255
severity:	MEDIUM
baseScore:	6.2
vectorString:	AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-125624
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-15371
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-21255 // VULHUB: VHN-125624 // JVNDB: JVNDB-2018-011569 // CNNVD: CNNVD-201809-1261 // NVD: CVE-2018-15371

PROBLEMTYPE DATA

problemtype:	CWE-284	Trust: 1.8
problemtype:	CWE-287	Trust: 1.1

sources: VULHUB: VHN-125624 // JVNDB: JVNDB-2018-011569 // NVD: CVE-2018-15371

THREAT TYPE

local

Trust: 0.9

sources: BID: 105949 // CNNVD: CNNVD-201809-1261

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201809-1261

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011569

PATCH

title:	cisco-sa-20180926-shell-access	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-shell-access	Trust: 0.8
title:	Patches for multiple Cisco products IOSXESoftware privilege escalation vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/142803	Trust: 0.6
title:	Multiple Cisco product IOS XE Software Fixes for access control error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85270	Trust: 0.6

sources: CNVD: CNVD-2018-21255 // JVNDB: JVNDB-2018-011569 // CNNVD: CNNVD-201809-1261

EXTERNAL IDS

db:	NVD	id:	CVE-2018-15371	Trust: 3.4
db:	JVNDB	id:	JVNDB-2018-011569	Trust: 0.8
db:	CNNVD	id:	CNNVD-201809-1261	Trust: 0.7
db:	CNVD	id:	CNVD-2018-21255	Trust: 0.6
db:	BID	id:	105949	Trust: 0.3
db:	VULHUB	id:	VHN-125624	Trust: 0.1

sources: CNVD: CNVD-2018-21255 // VULHUB: VHN-125624 // BID: 105949 // JVNDB: JVNDB-2018-011569 // CNNVD: CNNVD-201809-1261 // NVD: CVE-2018-15371

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180926-shell-access	Trust: 2.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15371	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-15371	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2018-21255 // VULHUB: VHN-125624 // BID: 105949 // JVNDB: JVNDB-2018-011569 // CNNVD: CNNVD-201809-1261 // NVD: CVE-2018-15371

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 105949

SOURCES

db:	CNVD	id:	CNVD-2018-21255
db:	VULHUB	id:	VHN-125624
db:	BID	id:	105949
db:	JVNDB	id:	JVNDB-2018-011569
db:	CNNVD	id:	CNNVD-201809-1261
db:	NVD	id:	CVE-2018-15371

LAST UPDATE DATE

2024-08-14T13:55:47.375000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-21255	date:	2018-10-18T00:00:00
db:	VULHUB	id:	VHN-125624	date:	2019-10-09T00:00:00
db:	BID	id:	105949	date:	2018-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-011569	date:	2019-01-17T00:00:00
db:	CNNVD	id:	CNNVD-201809-1261	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-15371	date:	2019-10-09T23:35:28.360

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-21255	date:	2018-10-18T00:00:00
db:	VULHUB	id:	VHN-125624	date:	2018-10-05T00:00:00
db:	BID	id:	105949	date:	2018-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-011569	date:	2019-01-17T00:00:00
db:	CNNVD	id:	CNNVD-201809-1261	date:	2018-09-28T00:00:00
db:	NVD	id:	CVE-2018-15371	date:	2018-10-05T14:29:06.217