CVE Vulnerabilities

CVE-2018-0163

Improper Authentication

Published: Mar 28, 2018 | Modified: Apr 28, 2021
CVSS 3.x: 6.5 MEDIUM (Source: NVD)
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS 2.x: 3.3 LOW
Vector: AV:A/AC:L/Au:N/C:N/I:P/A:N

A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a supplicant has successfully authenticated on it. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Affected Software

| Name | Vendor | Start Version | End Version |
|------|--------|---------------|-------------|
| Ios | Cisco | 15.4(3)m6 (including) | 15.4(3)m6 (including) |
| Ios | Cisco | 15.4(3)m6a (including) | 15.4(3)m6a (including) |
| Ios | Cisco | 15.4(3)m7 (including) | 15.4(3)m7 (including) |
| Ios | Cisco | 15.4(3)m7a (including) | 15.4(3)m7a (including) |
| Ios | Cisco | 15.4(3)m8 (including) | 15.4(3)m8 (including) |
| Ios | Cisco | 15.4(3.0i)m6 (including) | 15.4(3.0i)m6 (including) |
| Ios | Cisco | 15.5(3)m3 (including) | 15.5(3)m3 (including) |
| Ios | Cisco | 15.5(3)m4 (including) | 15.5(3)m4 (including) |
| Ios | Cisco | 15.5(3)m4a (including) | 15.5(3)m4a (including) |
| Ios | Cisco | 15.5(3)m4b (including) | 15.5(3)m4b (including) |
| Ios | Cisco | 15.5(3)m4c (including) | 15.5(3)m4c (including) |
| Ios | Cisco | 15.5(3)m5 (including) | 15.5(3)m5 (including) |
| Ios | Cisco | 15.5(3)m5a (including) | 15.5(3)m5a (including) |
| Ios | Cisco | 15.5(3)m6 (including) | 15.5(3)m6 (including) |
| Ios | Cisco | 15.5(3)m6a (including) | 15.5(3)m6a (including) |
| Ios | Cisco | 15.6(1)t2 (including) | 15.6(1)t2 (including) |
| Ios | Cisco | 15.6(1)t3 (including) | 15.6(1)t3 (including) |
| Ios | Cisco | 15.6(2)t1 (including) | 15.6(2)t1 (including) |
| Ios | Cisco | 15.6(2)t2 (including) | 15.6(2)t2 (including) |
| Ios | Cisco | 15.6(2)t3 (including) | 15.6(2)t3 (including) |
| Ios | Cisco | 15.6(3)m (including) | 15.6(3)m (including) |
| Ios | Cisco | 15.6(3)m0a (including) | 15.6(3)m0a (including) |
| Ios | Cisco | 15.6(3)m1 (including) | 15.6(3)m1 (including) |
| Ios | Cisco | 15.6(3)m1a (including) | 15.6(3)m1a (including) |
| Ios | Cisco | 15.6(3)m1b (including) | 15.6(3)m1b (including) |
| Ios | Cisco | 15.6(3)m2 (including) | 15.6(3)m2 (including) |
| Ios | Cisco | 15.6(3)m2a (including) | 15.6(3)m2a (including) |
| Ios | Cisco | 15.6(3)m3 (including) | 15.6(3)m3 (including) |
| Ios | Cisco | 15.6(3)m3a (including) | 15.6(3)m3a (including) |
| Ios | Cisco | 15.7(3)m (including) | 15.7(3)m (including) |
| Ios | Cisco | 15.7(3)m0a (including) | 15.7(3)m0a (including) |
| Ios | Cisco | 15.7(3)m1 (including) | 15.7(3)m1 (including) |
| Ios | Cisco | 15.7(3)m2 (including) | 15.7(3)m2 (including) |
