Sign-up

ID

VAR-201901-0473


CVE

CVE-2018-0484


TITLE

Cisco IOS and Cisco IOS XE Access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-001368

DESCRIPTION

A vulnerability in the access control logic of the Secure Shell (SSH) server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding (VRF) instance despite the absence of the vrf-also keyword in the access-class configuration. The vulnerability is due to a missing check in the SSH server. An attacker could use this vulnerability to open an SSH connection to an affected Cisco IOS or IOS XE device with a source address belonging to a VRF instance. Once connected, the attacker would still need to provide valid credentials to access the device. Cisco IOS and Cisco IOS XE Contains an access control vulnerability.Information may be tampered with. Successful exploits may allow an attacker to bypass certain security restrictions and to perform unauthorized actions; this may aid in launching further attacks. This issue is being tracked by Cisco Bug ID CSCvk37852

Trust: 1.98

sources: NVD: CVE-2018-0484 // JVNDB: JVNDB-2019-001368 // BID: 106560 // VULHUB: VHN-118686

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:16.6.4

Trust: 1.3

vendor:ciscomodel:iosscope:eqversion:16.6.2

Trust: 1.3

vendor:ciscomodel:iosscope: - version: -

Trust: 0.8

vendor:ciscomodel:ios xescope: - version: -

Trust: 0.8

vendor:ciscomodel:ios xe softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:16.6.5

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:16.6(4.12)

Trust: 0.3

vendor:ciscomodel:ios 15.8 mscope:neversion: -

Trust: 0.3

vendor:ciscomodel:ios 15.8 m1scope:neversion: -

Trust: 0.3

sources: BID: 106560 // JVNDB: JVNDB-2019-001368 // NVD: CVE-2018-0484

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0484
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2018-0484
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-0484
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201901-301
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118686
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0484
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118686
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0484
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.8

ykramarz@cisco.com: CVE-2018-0484
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-118686 // JVNDB: JVNDB-2019-001368 // CNNVD: CNNVD-201901-301 // NVD: CVE-2018-0484 // NVD: CVE-2018-0484

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.9

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: VULHUB: VHN-118686 // JVNDB: JVNDB-2019-001368 // NVD: CVE-2018-0484

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201901-301

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201901-301

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-001368

PATCH
title:cisco-sa-20190109-ios-ssh-vrfurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-ios-ssh-vrf
Trust: 0.8
title:Cisco IOS  and Cisco IOS XE Software Secure Shell Fixes for server access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88506
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-001368 // 
            
            
            
            CNNVD: CNNVD-201901-301

EXTERNAL IDS
db:NVDid:CVE-2018-0484
Trust: 2.8
db:BIDid:106560
Trust: 2.0
db:JVNDBid:JVNDB-2019-001368
Trust: 0.8
db:CNNVDid:CNNVD-201901-301
Trust: 0.7
db:VULHUBid:VHN-118686
Trust: 0.1
sources:
            
            
            VULHUB: VHN-118686 // 
            
            
            
            BID: 106560 // 
            
            
            
            JVNDB: JVNDB-2019-001368 // 
            
            
            
            CNNVD: CNNVD-201901-301 // 
            
            
            
            NVD: CVE-2018-0484

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190109-ios-ssh-vrf
Trust: 2.0
url:http://www.securityfocus.com/bid/106560
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0484
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0484
Trust: 0.8
url:http://www.cisco.com/public/sw-center/sw-ios.shtml
Trust: 0.3
sources:
            
            
            VULHUB: VHN-118686 // 
            
            
            
            BID: 106560 // 
            
            
            
            JVNDB: JVNDB-2019-001368 // 
            
            
            
            CNNVD: CNNVD-201901-301 // 
            
            
            
            NVD: CVE-2018-0484

CREDITS
This vulnerability was found during the resolution of a Cisco TAC support case.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201901-301

SOURCES
db:VULHUBid:VHN-118686
db:BIDid:106560
db:JVNDBid:JVNDB-2019-001368
db:CNNVDid:CNNVD-201901-301
db:NVDid:CVE-2018-0484

LAST UPDATE DATE
2024-08-14T13:27:07.427000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-118686date:2019-10-09T00:00:00
db:BIDid:106560date:2019-01-09T00:00:00
db:JVNDBid:JVNDB-2019-001368date:2019-02-28T00:00:00
db:CNNVDid:CNNVD-201901-301date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0484date:2019-10-09T23:32:11.037

SOURCES RELEASE DATE
db:VULHUBid:VHN-118686date:2019-01-10T00:00:00
db:BIDid:106560date:2019-01-09T00:00:00
db:JVNDBid:JVNDB-2019-001368date:2019-02-28T00:00:00
db:CNNVDid:CNNVD-201901-301date:2019-01-10T00:00:00
db:NVDid:CVE-2018-0484date:2019-01-10T18:29:00.377