Details of VAR-201810-0564

ID

VAR-201810-0564

CVE

CVE-2018-15372

TITLE

Cisco IOS XE Software Access Control Error Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2018-20686 // CNNVD: CNNVD-201809-1264

DESCRIPTION

A vulnerability in the MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic through a Layer 3 interface of an affected device. The vulnerability is due to a logic error in the affected software. An attacker could exploit this vulnerability by connecting to and passing traffic through a Layer 3 interface of an affected device, if the interface is configured for MACsec MKA using EAP-TLS and is running in access-session closed mode. A successful exploit could allow the attacker to bypass 802.1x network access controls and gain access to the network. Cisco IOS XE There is an access control vulnerability in the software.Information may be obtained and information may be altered. Cisco IOSXESoftware is a set of operating systems developed by Cisco for its network devices. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. This issue is being tracked by Cisco bug CSCvh09411

Trust: 2.61

sources: NVD: CVE-2018-15372 // JVNDB: JVNDB-2018-013331 // CNVD: CNVD-2018-20686 // BID: 105416 // VULHUB: VHN-125625 // VULMON: CVE-2018-15372

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-20686

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	16.9.1	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios xe software	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe software	scope:	eq	version:	16.9.1	Trust: 0.3
vendor:	cisco	model:	ios xe software	scope:	eq	version:	16.8.1	Trust: 0.3
vendor:	cisco	model:	ios xe software	scope:	eq	version:	16.0	Trust: 0.3

sources: CNVD: CNVD-2018-20686 // BID: 105416 // JVNDB: JVNDB-2018-013331 // CNNVD: CNNVD-201809-1264 // NVD: CVE-2018-15372

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-15372
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-15372
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-20686
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201809-1264
value:	HIGH
Trust: 0.6
VULHUB:	VHN-125625
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2018-15372
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-15372
severity:	MEDIUM
baseScore:	4.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	6.5
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2018-20686
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:C/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	COMPLETE
availabilityImpact:	NONE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-125625
severity:	MEDIUM
baseScore:	4.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	6.5
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-15372
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	5.2
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-20686 // VULHUB: VHN-125625 // VULMON: CVE-2018-15372 // JVNDB: JVNDB-2018-013331 // CNNVD: CNNVD-201809-1264 // NVD: CVE-2018-15372

PROBLEMTYPE DATA

problemtype:	CWE-284	Trust: 1.8
problemtype:	NVD-CWE-noinfo	Trust: 1.0

sources: JVNDB: JVNDB-2018-013331 // NVD: CVE-2018-15372

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201809-1264

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201809-1264

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013331

PATCH

title:	cisco-sa-20180926-macsec	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-macsec	Trust: 0.8
title:	Cisco IOSXESoftware Access Control Error Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/141847	Trust: 0.6
title:	Cisco IOS XE Software Fixes for access control error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85273	Trust: 0.6
title:	Cisco: Cisco IOS XE Software MACsec MKA Using EAP-TLS Authentication Bypass Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180926-macsec	Trust: 0.1
title:	VSCAN	url:	https://github.com/lucabrasi83/vscan	Trust: 0.1

sources: CNVD: CNVD-2018-20686 // VULMON: CVE-2018-15372 // JVNDB: JVNDB-2018-013331 // CNNVD: CNNVD-201809-1264

EXTERNAL IDS

db:	NVD	id:	CVE-2018-15372	Trust: 3.5
db:	BID	id:	105416	Trust: 2.1
db:	JVNDB	id:	JVNDB-2018-013331	Trust: 0.8
db:	CNNVD	id:	CNNVD-201809-1264	Trust: 0.7
db:	CNVD	id:	CNVD-2018-20686	Trust: 0.6
db:	VULHUB	id:	VHN-125625	Trust: 0.1
db:	VULMON	id:	CVE-2018-15372	Trust: 0.1

sources: CNVD: CNVD-2018-20686 // VULHUB: VHN-125625 // VULMON: CVE-2018-15372 // BID: 105416 // JVNDB: JVNDB-2018-013331 // CNNVD: CNNVD-201809-1264 // NVD: CVE-2018-15372

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180926-macsec	Trust: 2.8
url:	http://www.securityfocus.com/bid/105416	Trust: 1.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15372	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-15372	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/lucabrasi83/vscan	Trust: 0.1

CREDITS

Cisco

Trust: 0.3

sources: BID: 105416

SOURCES

db:	CNVD	id:	CNVD-2018-20686
db:	VULHUB	id:	VHN-125625
db:	VULMON	id:	CVE-2018-15372
db:	BID	id:	105416
db:	JVNDB	id:	JVNDB-2018-013331
db:	CNNVD	id:	CNNVD-201809-1264
db:	NVD	id:	CVE-2018-15372

LAST UPDATE DATE

2024-08-14T14:45:36.843000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-20686	date:	2018-11-08T00:00:00
db:	VULHUB	id:	VHN-125625	date:	2019-10-09T00:00:00
db:	VULMON	id:	CVE-2018-15372	date:	2019-10-09T00:00:00
db:	BID	id:	105416	date:	2018-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-013331	date:	2019-02-19T00:00:00
db:	CNNVD	id:	CNNVD-201809-1264	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-15372	date:	2019-10-09T23:35:28.483

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-20686	date:	2018-10-11T00:00:00
db:	VULHUB	id:	VHN-125625	date:	2018-10-05T00:00:00
db:	VULMON	id:	CVE-2018-15372	date:	2018-10-05T00:00:00
db:	BID	id:	105416	date:	2018-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-013331	date:	2019-02-19T00:00:00
db:	CNNVD	id:	CNNVD-201809-1264	date:	2018-09-28T00:00:00
db:	NVD	id:	CVE-2018-15372	date:	2018-10-05T14:29:06.327