ID

VAR-201810-0566


CVE

CVE-2018-15374


TITLE

Cisco IOS XE Vulnerabilities related to digital signature verification in software

Trust: 0.8

sources: JVNDB: JVNDB-2018-011570

DESCRIPTION

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install a malicious software image or file on an affected device. The vulnerability is due to the affected software improperly verifying digital signatures for software images and files that are uploaded to a device. An attacker could exploit this vulnerability by uploading a malicious software image or file to an affected device. A successful exploit could allow the attacker to bypass digital signature verification checks for software images and files and install a malicious software image or file on the affected device. Cisco IOSXESoftware is a set of operating systems developed by Cisco for its network devices. A digital signature verification bypass vulnerability exists in the ImageVerification feature in Cisco IOSXESoftware. An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. This issue is being tracked by Cisco Bug ID CSCvh15737

Trust: 2.61

sources: NVD: CVE-2018-15374 // JVNDB: JVNDB-2018-011570 // CNVD: CNVD-2018-20685 // BID: 105415 // VULHUB: VHN-125627 // VULMON: CVE-2018-15374

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-20685

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:16.6.1

Trust: 1.9

vendor:ciscomodel:ios xescope: - version: -

Trust: 0.8

vendor:ciscomodel:ios xe softwarescope: - version: -

Trust: 0.6

vendor:ciscomodel:ios xe softwarescope:eqversion:0

Trust: 0.3

sources: CNVD: CNVD-2018-20685 // BID: 105415 // JVNDB: JVNDB-2018-011570 // CNNVD: CNNVD-201809-1267 // NVD: CVE-2018-15374

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-15374
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-15374
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2018-20685
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201809-1267
value: MEDIUM

Trust: 0.6

VULHUB: VHN-125627
value: HIGH

Trust: 0.1

VULMON: CVE-2018-15374
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-15374
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-20685
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-125627
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-15374
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-20685 // VULHUB: VHN-125627 // VULMON: CVE-2018-15374 // JVNDB: JVNDB-2018-011570 // CNNVD: CNNVD-201809-1267 // NVD: CVE-2018-15374

PROBLEMTYPE DATA

problemtype:CWE-347

Trust: 1.9

sources: VULHUB: VHN-125627 // JVNDB: JVNDB-2018-011570 // NVD: CVE-2018-15374

THREAT TYPE

local

Trust: 0.9

sources: BID: 105415 // CNNVD: CNNVD-201809-1267

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-201809-1267

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011570

PATCH

title:cisco-sa-20180926-digsigurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-digsig

Trust: 0.8

title:Cisco IOSXESoftware Digital Signature Verification Bypass Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/141839

Trust: 0.6

title:Cisco IOS XE Software Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85276

Trust: 0.6

title:Cisco: Cisco IOS XE Software Digital Signature Verification Bypass Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180926-digsig

Trust: 0.1

title:VSCANurl:https://github.com/lucabrasi83/vscan

Trust: 0.1

sources: CNVD: CNVD-2018-20685 // VULMON: CVE-2018-15374 // JVNDB: JVNDB-2018-011570 // CNNVD: CNNVD-201809-1267

EXTERNAL IDS

db:NVDid:CVE-2018-15374

Trust: 3.5

db:BIDid:105415

Trust: 2.1

db:JVNDBid:JVNDB-2018-011570

Trust: 0.8

db:CNNVDid:CNNVD-201809-1267

Trust: 0.7

db:CNVDid:CNVD-2018-20685

Trust: 0.6

db:VULHUBid:VHN-125627

Trust: 0.1

db:VULMONid:CVE-2018-15374

Trust: 0.1

sources: CNVD: CNVD-2018-20685 // VULHUB: VHN-125627 // VULMON: CVE-2018-15374 // BID: 105415 // JVNDB: JVNDB-2018-011570 // CNNVD: CNNVD-201809-1267 // NVD: CVE-2018-15374

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180926-digsig

Trust: 2.8

url:http://www.securityfocus.com/bid/105415

Trust: 1.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15374

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-15374

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/347.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/lucabrasi83/vscan

Trust: 0.1

sources: CNVD: CNVD-2018-20685 // VULHUB: VHN-125627 // VULMON: CVE-2018-15374 // BID: 105415 // JVNDB: JVNDB-2018-011570 // CNNVD: CNNVD-201809-1267 // NVD: CVE-2018-15374

CREDITS

Cisco

Trust: 0.3

sources: BID: 105415

SOURCES

db:CNVDid:CNVD-2018-20685
db:VULHUBid:VHN-125627
db:VULMONid:CVE-2018-15374
db:BIDid:105415
db:JVNDBid:JVNDB-2018-011570
db:CNNVDid:CNNVD-201809-1267
db:NVDid:CVE-2018-15374

LAST UPDATE DATE

2024-08-14T14:51:25.371000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-20685date:2018-10-12T00:00:00
db:VULHUBid:VHN-125627date:2019-10-09T00:00:00
db:VULMONid:CVE-2018-15374date:2019-10-09T00:00:00
db:BIDid:105415date:2018-09-26T00:00:00
db:JVNDBid:JVNDB-2018-011570date:2019-01-17T00:00:00
db:CNNVDid:CNNVD-201809-1267date:2019-10-17T00:00:00
db:NVDid:CVE-2018-15374date:2019-10-09T23:35:28.687

SOURCES RELEASE DATE

db:CNVDid:CNVD-2018-20685date:2018-10-11T00:00:00
db:VULHUBid:VHN-125627date:2018-10-05T00:00:00
db:VULMONid:CVE-2018-15374date:2018-10-05T00:00:00
db:BIDid:105415date:2018-09-26T00:00:00
db:JVNDBid:JVNDB-2018-011570date:2019-01-17T00:00:00
db:CNNVDid:CNNVD-201809-1267date:2018-09-28T00:00:00
db:NVDid:CVE-2018-15374date:2018-10-05T14:29:06.543