ID

VAR-201901-0473


CVE

CVE-2018-0484


TITLE

Cisco IOS and Cisco IOS XE Access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-001368

DESCRIPTION

A vulnerability in the access control logic of the Secure Shell (SSH) server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding (VRF) instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a missing check in the SSH server. An attacker could use this vulnerability to open an SSH connection to an affected Cisco IOS or IOS XE device with a source address belonging to a VRF instance. Once connected, the attacker would still need to provide valid credentials to access the device. Cisco IOS and Cisco IOS XE Contains an access control vulnerability.Information may be tampered with. Successful exploits may allow an attacker to bypass certain security restrictions and to perform unauthorized actions; this may aid in launching further attacks. This issue is being tracked by Cisco Bug ID CSCvk37852

Trust: 1.98

sources: NVD: CVE-2018-0484 // JVNDB: JVNDB-2019-001368 // BID: 106560 // VULHUB: VHN-118686

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:16.6.4

Trust: 1.3

vendor:ciscomodel:iosscope:eqversion:16.6.2

Trust: 1.3

vendor:ciscomodel:iosscope: - version: -

Trust: 0.8

vendor:ciscomodel:ios xescope: - version: -

Trust: 0.8

vendor:ciscomodel:ios xe softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:16.6.5

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:16.6(4.12)

Trust: 0.3

vendor:ciscomodel:ios 15.8 mscope:neversion: -

Trust: 0.3

vendor:ciscomodel:ios 15.8 m1scope:neversion: -

Trust: 0.3

sources: BID: 106560 // JVNDB: JVNDB-2019-001368 // NVD: CVE-2018-0484

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0484
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2018-0484
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-0484
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201901-301
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118686
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0484
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118686
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0484
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.8

ykramarz@cisco.com: CVE-2018-0484
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-118686 // JVNDB: JVNDB-2019-001368 // CNNVD: CNNVD-201901-301 // NVD: CVE-2018-0484 // NVD: CVE-2018-0484

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.9

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: VULHUB: VHN-118686 // JVNDB: JVNDB-2019-001368 // NVD: CVE-2018-0484

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201901-301

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201901-301

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-001368

PATCH

title:cisco-sa-20190109-ios-ssh-vrfurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-ios-ssh-vrf

Trust: 0.8

title:Cisco IOS and Cisco IOS XE Software Secure Shell Fixes for server access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88506

Trust: 0.6

sources: JVNDB: JVNDB-2019-001368 // CNNVD: CNNVD-201901-301

EXTERNAL IDS

db:NVDid:CVE-2018-0484

Trust: 2.8

db:BIDid:106560

Trust: 2.0

db:JVNDBid:JVNDB-2019-001368

Trust: 0.8

db:CNNVDid:CNNVD-201901-301

Trust: 0.7

db:VULHUBid:VHN-118686

Trust: 0.1

sources: VULHUB: VHN-118686 // BID: 106560 // JVNDB: JVNDB-2019-001368 // CNNVD: CNNVD-201901-301 // NVD: CVE-2018-0484

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190109-ios-ssh-vrf

Trust: 2.0

url:http://www.securityfocus.com/bid/106560

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0484

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0484

Trust: 0.8

url:http://www.cisco.com/public/sw-center/sw-ios.shtml

Trust: 0.3

sources: VULHUB: VHN-118686 // BID: 106560 // JVNDB: JVNDB-2019-001368 // CNNVD: CNNVD-201901-301 // NVD: CVE-2018-0484

CREDITS

This vulnerability was found during the resolution of a Cisco TAC support case.

Trust: 0.6

sources: CNNVD: CNNVD-201901-301

SOURCES

db:VULHUBid:VHN-118686
db:BIDid:106560
db:JVNDBid:JVNDB-2019-001368
db:CNNVDid:CNNVD-201901-301
db:NVDid:CVE-2018-0484

LAST UPDATE DATE

2024-11-23T22:58:47.413000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-118686date:2019-10-09T00:00:00
db:BIDid:106560date:2019-01-09T00:00:00
db:JVNDBid:JVNDB-2019-001368date:2019-02-28T00:00:00
db:CNNVDid:CNNVD-201901-301date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0484date:2024-11-21T03:38:19.630

SOURCES RELEASE DATE

db:VULHUBid:VHN-118686date:2019-01-10T00:00:00
db:BIDid:106560date:2019-01-09T00:00:00
db:JVNDBid:JVNDB-2019-001368date:2019-02-28T00:00:00
db:CNNVDid:CNNVD-201901-301date:2019-01-10T00:00:00
db:NVDid:CVE-2018-0484date:2019-01-10T18:29:00.377