Details of VAR-201810-0566

ID

VAR-201810-0566

CVE

CVE-2018-15374

TITLE

Cisco IOS XE Vulnerabilities related to digital signature verification in software

Trust: 0.8

sources: JVNDB: JVNDB-2018-011570

DESCRIPTION

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install a malicious software image or file on an affected device. The vulnerability is due to the affected software improperly verifying digital signatures for software images and files that are uploaded to a device. An attacker could exploit this vulnerability by uploading a malicious software image or file to an affected device. A successful exploit could allow the attacker to bypass digital signature verification checks for software images and files and install a malicious software image or file on the affected device. Cisco IOSXESoftware is a set of operating systems developed by Cisco for its network devices. A digital signature verification bypass vulnerability exists in the ImageVerification feature in Cisco IOSXESoftware. An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. This issue is being tracked by Cisco Bug ID CSCvh15737

Trust: 2.61

sources: NVD: CVE-2018-15374 // JVNDB: JVNDB-2018-011570 // CNVD: CNVD-2018-20685 // BID: 105415 // VULHUB: VHN-125627 // VULMON: CVE-2018-15374

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-20685

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	16.6.1	Trust: 1.9
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios xe software	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2018-20685 // BID: 105415 // JVNDB: JVNDB-2018-011570 // CNNVD: CNNVD-201809-1267 // NVD: CVE-2018-15374

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-15374
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-15374
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2018-20685
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201809-1267
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-125627
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-15374
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-15374
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2018-20685
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-125627
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-15374
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-20685 // VULHUB: VHN-125627 // VULMON: CVE-2018-15374 // JVNDB: JVNDB-2018-011570 // CNNVD: CNNVD-201809-1267 // NVD: CVE-2018-15374

PROBLEMTYPE DATA

problemtype:

CWE-347

Trust: 1.9

sources: VULHUB: VHN-125627 // JVNDB: JVNDB-2018-011570 // NVD: CVE-2018-15374

THREAT TYPE

local

Trust: 0.9

sources: BID: 105415 // CNNVD: CNNVD-201809-1267

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-201809-1267

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011570

PATCH

title:	cisco-sa-20180926-digsig	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-digsig	Trust: 0.8
title:	Cisco IOSXESoftware Digital Signature Verification Bypass Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/141839	Trust: 0.6
title:	Cisco IOS XE Software Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85276	Trust: 0.6
title:	Cisco: Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180926-digsig	Trust: 0.1
title:	VSCAN	url:	https://github.com/lucabrasi83/vscan	Trust: 0.1

sources: CNVD: CNVD-2018-20685 // VULMON: CVE-2018-15374 // JVNDB: JVNDB-2018-011570 // CNNVD: CNNVD-201809-1267

EXTERNAL IDS

db:	NVD	id:	CVE-2018-15374	Trust: 3.5
db:	BID	id:	105415	Trust: 2.1
db:	JVNDB	id:	JVNDB-2018-011570	Trust: 0.8
db:	CNNVD	id:	CNNVD-201809-1267	Trust: 0.7
db:	CNVD	id:	CNVD-2018-20685	Trust: 0.6
db:	VULHUB	id:	VHN-125627	Trust: 0.1
db:	VULMON	id:	CVE-2018-15374	Trust: 0.1

sources: CNVD: CNVD-2018-20685 // VULHUB: VHN-125627 // VULMON: CVE-2018-15374 // BID: 105415 // JVNDB: JVNDB-2018-011570 // CNNVD: CNNVD-201809-1267 // NVD: CVE-2018-15374

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180926-digsig	Trust: 2.8
url:	http://www.securityfocus.com/bid/105415	Trust: 1.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15374	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-15374	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/347.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/lucabrasi83/vscan	Trust: 0.1

CREDITS

Cisco

Trust: 0.3

sources: BID: 105415

SOURCES

db:	CNVD	id:	CNVD-2018-20685
db:	VULHUB	id:	VHN-125627
db:	VULMON	id:	CVE-2018-15374
db:	BID	id:	105415
db:	JVNDB	id:	JVNDB-2018-011570
db:	CNNVD	id:	CNNVD-201809-1267
db:	NVD	id:	CVE-2018-15374

LAST UPDATE DATE

2024-08-14T14:51:25.371000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-20685	date:	2018-10-12T00:00:00
db:	VULHUB	id:	VHN-125627	date:	2019-10-09T00:00:00
db:	VULMON	id:	CVE-2018-15374	date:	2019-10-09T00:00:00
db:	BID	id:	105415	date:	2018-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-011570	date:	2019-01-17T00:00:00
db:	CNNVD	id:	CNNVD-201809-1267	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-15374	date:	2019-10-09T23:35:28.687

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-20685	date:	2018-10-11T00:00:00
db:	VULHUB	id:	VHN-125627	date:	2018-10-05T00:00:00
db:	VULMON	id:	CVE-2018-15374	date:	2018-10-05T00:00:00
db:	BID	id:	105415	date:	2018-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-011570	date:	2019-01-17T00:00:00
db:	CNNVD	id:	CNNVD-201809-1267	date:	2018-09-28T00:00:00
db:	NVD	id:	CVE-2018-15374	date:	2018-10-05T14:29:06.543