ID

VAR-201810-0563


CVE

CVE-2018-15371


TITLE

Cisco IOS XE Software access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-011569

DESCRIPTION

A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by requesting access to the root shell of an affected device, after the shell access feature has been enabled. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device. Cisco IOS XE There is an access control vulnerability in the software.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco 4000 Series Integrated Services Routers and so on are all different types of router products from Cisco. IOSXESoftware is an operating system developed by one of the Cisco companies for its network devices. Cisco IOS XE Software is prone to a local authentication-bypass vulnerability. This may lead to further attacks. This issue being tracked by Cisco Bug ID CSCvb79289

Trust: 2.52

sources: NVD: CVE-2018-15371 // JVNDB: JVNDB-2018-011569 // CNVD: CNVD-2018-21255 // BID: 105949 // VULHUB: VHN-125624

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-21255

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:16.3\(1\)

Trust: 1.6

vendor:ciscomodel:ios xescope: - version: -

Trust: 0.8

vendor:ciscomodel:asr series aggregation services routersscope:eqversion:900

Trust: 0.6

vendor:ciscomodel:series integrated services routersscope:eqversion:4000

Trust: 0.6

vendor:ciscomodel:asr series aggregation services routersscope:eqversion:1000

Trust: 0.6

vendor:ciscomodel:cloud services router seriesscope:eqversion:1000v

Trust: 0.6

vendor:ciscomodel:integrated services virtual routerscope: - version: -

Trust: 0.6

vendor:ciscomodel:ios xe softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:integrated services virtual routerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:cloud services router seriesscope:eqversion:1000v0

Trust: 0.3

vendor:ciscomodel:asr series aggregation services routersscope:eqversion:90000

Trust: 0.3

vendor:ciscomodel:asr series aggregation services routersscope:eqversion:10000

Trust: 0.3

vendor:ciscomodel:series integrated services routersscope:eqversion:40000

Trust: 0.3

sources: CNVD: CNVD-2018-21255 // BID: 105949 // JVNDB: JVNDB-2018-011569 // CNNVD: CNNVD-201809-1261 // NVD: CVE-2018-15371

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-15371
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-15371
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2018-21255
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201809-1261
value: MEDIUM

Trust: 0.6

VULHUB: VHN-125624
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-15371
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-21255
severity: MEDIUM
baseScore: 6.2
vectorString: AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 1.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-125624
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-15371
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-21255 // VULHUB: VHN-125624 // JVNDB: JVNDB-2018-011569 // CNNVD: CNNVD-201809-1261 // NVD: CVE-2018-15371

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.8

problemtype:CWE-287

Trust: 1.1

sources: VULHUB: VHN-125624 // JVNDB: JVNDB-2018-011569 // NVD: CVE-2018-15371

THREAT TYPE

local

Trust: 0.9

sources: BID: 105949 // CNNVD: CNNVD-201809-1261

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201809-1261

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011569

PATCH

title:cisco-sa-20180926-shell-accessurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-shell-access

Trust: 0.8

title:Patches for multiple Cisco products IOSXESoftware privilege escalation vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/142803

Trust: 0.6

title:Multiple Cisco product IOS XE Software Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85270

Trust: 0.6

sources: CNVD: CNVD-2018-21255 // JVNDB: JVNDB-2018-011569 // CNNVD: CNNVD-201809-1261

EXTERNAL IDS

db:NVDid:CVE-2018-15371

Trust: 3.4

db:JVNDBid:JVNDB-2018-011569

Trust: 0.8

db:CNNVDid:CNNVD-201809-1261

Trust: 0.7

db:CNVDid:CNVD-2018-21255

Trust: 0.6

db:BIDid:105949

Trust: 0.3

db:VULHUBid:VHN-125624

Trust: 0.1

sources: CNVD: CNVD-2018-21255 // VULHUB: VHN-125624 // BID: 105949 // JVNDB: JVNDB-2018-011569 // CNNVD: CNNVD-201809-1261 // NVD: CVE-2018-15371

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180926-shell-access

Trust: 2.6

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15371

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-15371

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

sources: CNVD: CNVD-2018-21255 // VULHUB: VHN-125624 // BID: 105949 // JVNDB: JVNDB-2018-011569 // CNNVD: CNNVD-201809-1261 // NVD: CVE-2018-15371

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 105949

SOURCES

db:CNVDid:CNVD-2018-21255
db:VULHUBid:VHN-125624
db:BIDid:105949
db:JVNDBid:JVNDB-2018-011569
db:CNNVDid:CNNVD-201809-1261
db:NVDid:CVE-2018-15371

LAST UPDATE DATE

2024-08-14T13:55:47.375000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-21255date:2018-10-18T00:00:00
db:VULHUBid:VHN-125624date:2019-10-09T00:00:00
db:BIDid:105949date:2018-09-26T00:00:00
db:JVNDBid:JVNDB-2018-011569date:2019-01-17T00:00:00
db:CNNVDid:CNNVD-201809-1261date:2019-10-17T00:00:00
db:NVDid:CVE-2018-15371date:2019-10-09T23:35:28.360

SOURCES RELEASE DATE

db:CNVDid:CNVD-2018-21255date:2018-10-18T00:00:00
db:VULHUBid:VHN-125624date:2018-10-05T00:00:00
db:BIDid:105949date:2018-09-26T00:00:00
db:JVNDBid:JVNDB-2018-011569date:2019-01-17T00:00:00
db:CNNVDid:CNNVD-201809-1261date:2018-09-28T00:00:00
db:NVDid:CVE-2018-15371date:2018-10-05T14:29:06.217