#VU14332 Information disclosure in Cisco IOS XE - CVE-2018-0131
Published: August 13, 2018 / Updated: August 14, 2018
Vulnerability identifier: #VU14332
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2018-0131
CWE-ID: CWE-310
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Cisco IOS XE
Cisco IOS XE
Software vendor:
Cisco Systems, Inc
Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to error in IKEv1 implementation that allows an attacker to launch Bleichenbacher style attacks against RSA encrypted nonces. A remote non-authenticated attacker can perform a MitM (man-in-the-middle) attack and decrypt data transferred over IKEv1 channel.
Remediation
Vendor has issued the following updates to address this vulnerability:
Everest-16.6.3, Denali-16.3.6, 16.7(0.98), 16.6.3, 16.6(2.75), 16.3.6, 16.3(5.80), 15.7(3.1j)M, 15.7(3.1.14A)OT, 15.7(3)M2, 15.7(2.0v)M0.6, 15.5(3)S8, 15.5(3)S7.17, 15.5(3)M8, 15.5(3)M7.2.