← Back

CVE-2018-0163

nvd nist
Published: Mar 28, 2018Modified: Nov 21, 2024

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701.

Affected (33)

Products: Cisco: Ios
Cisco
1 product
Ios
Configuration A
33 vulnerable · 95 platform
Vulnerable SoftwareAffected Versions
Cisco
Ios
Version 15.4(3.0i)m6
Ios
Version 15.4(3)m6
Ios
Version 15.4(3)m6a
Ios
Version 15.4(3)m7
Ios
Version 15.4(3)m7a
Ios
Version 15.4(3)m8
Ios
Version 15.5(3)m3
Ios
Version 15.5(3)m4
Ios
Version 15.5(3)m4a
Ios
Version 15.5(3)m4b
Ios
Version 15.5(3)m4c
Ios
Version 15.5(3)m5
Ios
Version 15.5(3)m5a
Ios
Version 15.5(3)m6
Ios
Version 15.5(3)m6a
Ios
Version 15.6(1)t2
Ios
Version 15.6(1)t3
Ios
Version 15.6(2)t1
Ios
Version 15.6(2)t2
Ios
Version 15.6(2)t3
Ios
Version 15.6(3)m0a
Ios
Version 15.6(3)m1
Ios
Version 15.6(3)m1a
Ios
Version 15.6(3)m1b
Ios
Version 15.6(3)m2
Ios
Version 15.6(3)m2a
Ios
Version 15.6(3)m3
Ios
Version 15.6(3)m3a
Ios
Version 15.6(3)m
Ios
Version 15.7(3)m0a
Ios
Version 15.7(3)m1
Ios
Version 15.7(3)m2
Ios
Version 15.7(3)m
Running on/withPlatform Versions
Cisco
1120 Connected Grid Router
All versions
Cisco
1240 Connected Grid Router
All versions
Cisco
1905 Serial Integrated Services Router
All versions
Cisco
1906c Integrated Services Router
All versions
Cisco
1921 Integrated Services Router
All versions
Cisco
1941 Integrated Services Router
All versions
Cisco
1941w Integrated Services Router
All versions
Cisco
2010 Connected Grid Router
All versions
Cisco
2901 Integrated Services Router
All versions
Cisco
2911 Integrated Services Router
All versions
Cisco
2911a Integrated Services Router
All versions
Cisco
2921 Integrated Services Router
All versions
Cisco
2951 Integrated Services Router
All versions
Cisco
3925 Integrated Services Router
All versions
Cisco
3925e Integrated Services Router
All versions
Cisco
3945 Integrated Services Router
All versions
Cisco
3945e Integrated Services Router
All versions
Cisco
5915 Embedded Service Router
All versions
Cisco
5921 Embedded Services Router
All versions
Cisco
5940 Embedded Services Router
All versions
Cisco
800 Series Routers
All versions
Cisco
800m Integrated Services Router
All versions
Cisco
809 Industrial Integrated Services Router
All versions
Cisco
812 3g Integrated Services Router
All versions
Cisco
812 Cifi Integrated Services Router
All versions
Cisco
819 Hardened 3g
All versions
Cisco
819 Hardened Dual Radio 802.11n Wifi Integrated Services Router
All versions
Cisco
819 Hardened Integrated Services Router
All versions
Cisco
819 Integrated Services Router
All versions
Cisco
819 Non Hardened 4g Lte M2m
All versions
Cisco
819 Non Hardened Secure Multi Mode 4g Lte M2m Isr Router
All versions
Cisco
829 Industrial Integrated Services Router
All versions
Cisco
860vae W Integrated Services Router
All versions
Cisco
861 Integrated Services Router
All versions
Cisco
861w Integrated Services Router
All versions
Cisco
866vae Integrated Services Router
All versions
Cisco
867vae Integrated Services Router
All versions
Cisco
880 Voice Integrated Services Router
All versions
Cisco
881 Cube Integrated Services Router
All versions
Cisco
881 3g
All versions
Cisco
881 3g Integrated Services Router
All versions
Cisco
881 Secure Fast Ethernet
All versions
Cisco
881w Integrated Services Router
All versions
Cisco
886va Cube Integrated Services Router
All versions
Cisco
886va W Integrated Services Router
All versions
Cisco
886va Integrated Services Router
All versions
Cisco
886vag 3g Integrated Services Router
All versions
Cisco
887 Multi Mode Vdsl2/asdl2+ Pots
All versions
Cisco
887va Cube Integrated Services Router
All versions
Cisco
887va W Integrated Services Router
All versions
Cisco
887va Integrated Services Router
All versions
Cisco
887vag 3g Integrated Services Router
All versions
Cisco
887vagw 3g
All versions
Cisco
887vam W Integrated Services Router
All versions
Cisco
887vamg 3g Integrated Services Router
All versions
Cisco
888 Cube Integrated Services Router
All versions
Cisco
888 Integrated Services Router
All versions
Cisco
888e Cube Integrated Services Router
All versions
Cisco
888e Integrated Services Router
All versions
Cisco
888eg 3g Integrated Services Router
All versions
Cisco
888w Integrated Services Router
All versions
Cisco
891 24x Integrated Services Router
All versions
Cisco
891 Integrated Services Router
All versions
Cisco
891w Integrated Services Router
All versions
Cisco
892 Integrated Services Router
All versions
Cisco
892f Cube Integrated Services Router
All versions
Cisco
892w Integrated Services Router
All versions
Cisco
896 Multi Mode Vdsl2/adsl2+ Isdn
All versions
Cisco
897 Multi Mode Vdsl2/adsl2+ Pots
All versions
Cisco
897 Multi Mode Vdsl2/adsl2+ Pots Annex M
All versions
Cisco
898 Secure G.shdsl Efm/atm
All versions
Cisco
C866vae Integrated Services Router
All versions
Cisco
C867vae Integrated Services Router
All versions
Cisco
C881 Integrated Services Router
All versions
Cisco
C881w Integrated Services Router
All versions
Cisco
C886va Integrated Services Routers
All versions
Cisco
C886vaj Integrated Services Router
All versions
Cisco
C887va Integrated Services Routers
All versions
Cisco
C887vam Integrated Services Routers
All versions
Cisco
C888 Integrated Services Router
All versions
Cisco
C888ea Integrated Services Router
All versions
Cisco
C891f Integrated Services Routers
All versions
Cisco
C891fw Integrated Services Router
All versions
Cisco
C892fsp Integrated Services Router
All versions
Cisco
C896va Integrated Services Router
All versions
Cisco
C897va M Integrated Services Router
All versions
Cisco
C897va Integrated Services Router
All versions
Cisco
C897vam W Integrated Services Router
All versions
Cisco
C897vaw Integrated Services Router
All versions
Cisco
C898ea Integrated Services Router
All versions
Cisco
C899 Secure Gigabit Ethernet
All versions
Cisco
Vg204xm Analog Voice Gateway
All versions
Cisco
Vg350 Analog Voice Gateway
All versions
Cisco
Vg3x0 Analog Voice Gateway
All versions
Rockwellautomation
Stratix 5900
All versions

Related CWEs

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (4)

Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.