ID

VAR-201810-0564


CVE

CVE-2018-15372


TITLE

Cisco IOS XE Software Access Control Error Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2018-20686 // CNNVD: CNNVD-201809-1264

DESCRIPTION

A vulnerability in the MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic through a Layer 3 interface of an affected device. The vulnerability is due to a logic error in the affected software. An attacker could exploit this vulnerability by connecting to and passing traffic through a Layer 3 interface of an affected device, if the interface is configured for MACsec MKA using EAP-TLS and is running in access-session closed mode. A successful exploit could allow the attacker to bypass 802.1x network access controls and gain access to the network. Cisco IOS XE There is an access control vulnerability in the software.Information may be obtained and information may be altered. Cisco IOSXESoftware is a set of operating systems developed by Cisco for its network devices. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. This issue is being tracked by Cisco bug CSCvh09411

Trust: 2.61

sources: NVD: CVE-2018-15372 // JVNDB: JVNDB-2018-013331 // CNVD: CNVD-2018-20686 // BID: 105416 // VULHUB: VHN-125625 // VULMON: CVE-2018-15372

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-20686

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:16.9.1

Trust: 1.6

vendor:ciscomodel:ios xescope:eqversion:16.8.1

Trust: 1.6

vendor:ciscomodel:ios xescope: - version: -

Trust: 0.8

vendor:ciscomodel:ios xe softwarescope: - version: -

Trust: 0.6

vendor:ciscomodel:ios xe softwarescope:eqversion:16.9.1

Trust: 0.3

vendor:ciscomodel:ios xe softwarescope:eqversion:16.8.1

Trust: 0.3

vendor:ciscomodel:ios xe softwarescope:eqversion:16.0

Trust: 0.3

sources: CNVD: CNVD-2018-20686 // BID: 105416 // JVNDB: JVNDB-2018-013331 // CNNVD: CNNVD-201809-1264 // NVD: CVE-2018-15372

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-15372
value: HIGH

Trust: 1.0

NVD: CVE-2018-15372
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-20686
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201809-1264
value: HIGH

Trust: 0.6

VULHUB: VHN-125625
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-15372
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-15372
severity: MEDIUM
baseScore: 4.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-20686
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:C/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-125625
severity: MEDIUM
baseScore: 4.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-15372
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 5.2
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-20686 // VULHUB: VHN-125625 // VULMON: CVE-2018-15372 // JVNDB: JVNDB-2018-013331 // CNNVD: CNNVD-201809-1264 // NVD: CVE-2018-15372

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.8

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: JVNDB: JVNDB-2018-013331 // NVD: CVE-2018-15372

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201809-1264

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201809-1264

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013331

PATCH

title:cisco-sa-20180926-macsecurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-macsec

Trust: 0.8

title:Cisco IOSXESoftware Access Control Error Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/141847

Trust: 0.6

title:Cisco IOS XE Software Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85273

Trust: 0.6

title:Cisco: Cisco IOS XE Software MACsec MKA Using EAP-TLS Authentication Bypass Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180926-macsec

Trust: 0.1

title:VSCANurl:https://github.com/lucabrasi83/vscan

Trust: 0.1

sources: CNVD: CNVD-2018-20686 // VULMON: CVE-2018-15372 // JVNDB: JVNDB-2018-013331 // CNNVD: CNNVD-201809-1264

EXTERNAL IDS

db:NVDid:CVE-2018-15372

Trust: 3.5

db:BIDid:105416

Trust: 2.1

db:JVNDBid:JVNDB-2018-013331

Trust: 0.8

db:CNNVDid:CNNVD-201809-1264

Trust: 0.7

db:CNVDid:CNVD-2018-20686

Trust: 0.6

db:VULHUBid:VHN-125625

Trust: 0.1

db:VULMONid:CVE-2018-15372

Trust: 0.1

sources: CNVD: CNVD-2018-20686 // VULHUB: VHN-125625 // VULMON: CVE-2018-15372 // BID: 105416 // JVNDB: JVNDB-2018-013331 // CNNVD: CNNVD-201809-1264 // NVD: CVE-2018-15372

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180926-macsec

Trust: 2.8

url:http://www.securityfocus.com/bid/105416

Trust: 1.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15372

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-15372

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/lucabrasi83/vscan

Trust: 0.1

sources: CNVD: CNVD-2018-20686 // VULHUB: VHN-125625 // VULMON: CVE-2018-15372 // BID: 105416 // JVNDB: JVNDB-2018-013331 // CNNVD: CNNVD-201809-1264 // NVD: CVE-2018-15372

CREDITS

Cisco

Trust: 0.3

sources: BID: 105416

SOURCES

db:CNVDid:CNVD-2018-20686
db:VULHUBid:VHN-125625
db:VULMONid:CVE-2018-15372
db:BIDid:105416
db:JVNDBid:JVNDB-2018-013331
db:CNNVDid:CNNVD-201809-1264
db:NVDid:CVE-2018-15372

LAST UPDATE DATE

2024-08-14T14:45:36.843000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-20686date:2018-11-08T00:00:00
db:VULHUBid:VHN-125625date:2019-10-09T00:00:00
db:VULMONid:CVE-2018-15372date:2019-10-09T00:00:00
db:BIDid:105416date:2018-09-26T00:00:00
db:JVNDBid:JVNDB-2018-013331date:2019-02-19T00:00:00
db:CNNVDid:CNNVD-201809-1264date:2019-10-17T00:00:00
db:NVDid:CVE-2018-15372date:2019-10-09T23:35:28.483

SOURCES RELEASE DATE

db:CNVDid:CNVD-2018-20686date:2018-10-11T00:00:00
db:VULHUBid:VHN-125625date:2018-10-05T00:00:00
db:VULMONid:CVE-2018-15372date:2018-10-05T00:00:00
db:BIDid:105416date:2018-09-26T00:00:00
db:JVNDBid:JVNDB-2018-013331date:2019-02-19T00:00:00
db:CNNVDid:CNNVD-201809-1264date:2018-09-28T00:00:00
db:NVDid:CVE-2018-15372date:2018-10-05T14:29:06.327