CVE-2018-0159

CVSS 7.5 HIGHEPSS 6.9%● KEVCWE-20

In short

A flaw in Cisco's IKEv1 implementation fails to properly validate certain packets, allowing attackers to crash affected devices by sending malicious IKE negotiation packets, causing network outages.

Technical detail

Improper input validation (CWE-20) in IKEv1 packet processing allows an unauthenticated remote attacker to trigger a device reload via crafted packets during IKE negotiation. No authentication required; attack vector is network-based and results in denial of service through forced reboot.

Summary generated and translated by AI from the official description.

A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific IKEv1 packets. An attacker could exploit this vulnerability by sending crafted IKEv1 packets to an affected device during an IKE negotiation. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuj73916.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

n/a · Cisco IOS and IOS XE

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike-dos https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0159 http://www.securityfocus.com/bid/103562 http://www.securitytracker.com/id/1040595