CVE-2018-0158 - Vulnerability Details

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is in the KEV database since March 3, 2022.

Exploitation active

Automatable yes

Technical Impact partial

Vendors	Products
Cisco	Asr 1001-hx Asr 1001-x Asr 1002-hx Asr 1002-x Asr 1004 Asr 1006 Asr 1006-x Asr 1009-x Asr 1013 Ios Ios Xe
Rockwellautomation	Allen-bradley Stratix 5900

Configuration 1 [-]

AND

OR	cpe:2.3:o:cisco:ios:15.5\(3\)s1.1:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.2:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.4:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.5:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.7:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.8:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.9:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.10:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.11:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.12:::::::*

OR	cpe:2.3:h:cisco:asr_1001-hx:-:::::::*
	cpe:2.3:h:cisco:asr_1001-x:-:::::::*
	cpe:2.3:h:cisco:asr_1002-hx:-:::::::*
	cpe:2.3:h:cisco:asr_1002-x:-:::::::*
	cpe:2.3:h:cisco:asr_1004:-:::::::*
	cpe:2.3:h:cisco:asr_1006:-:::::::*
	cpe:2.3:h:cisco:asr_1006-x:-:::::::*
	cpe:2.3:h:cisco:asr_1009-x:-:::::::*
	cpe:2.3:h:cisco:asr_1013:-:::::::*

Configuration 2 [-]

AND

OR	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.1:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.2:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.4:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.5:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.7:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.8:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.9:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.10:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.11:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.12:::::::*

OR	cpe:2.3:h:cisco:asr_1001-hx:-:::::::*
	cpe:2.3:h:cisco:asr_1001-x:-:::::::*
	cpe:2.3:h:cisco:asr_1002-hx:-:::::::*
	cpe:2.3:h:cisco:asr_1002-x:-:::::::*
	cpe:2.3:h:cisco:asr_1004:-:::::::*
	cpe:2.3:h:cisco:asr_1006:-:::::::*
	cpe:2.3:h:cisco:asr_1006-x:-:::::::*
	cpe:2.3:h:cisco:asr_1009-x:-:::::::*
	cpe:2.3:h:cisco:asr_1013:-:::::::*

Configuration 3 [-]

AND

OR	cpe:2.3:o:cisco:ios:15.5\(3\)s1.1:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.2:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.4:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.5:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.7:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.8:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.9:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.10:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.11:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1.12:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.1:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.2:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.4:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.5:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.7:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.8:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.9:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.10:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.11:::::::*
	cpe:2.3:o:cisco:ios_xe:15.5\(3\)s1.12:::::::*

cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5900:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/103566
http://www.securitytracker.com/id/1040595
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike

History

Fri, 15 Nov 2024 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2022-03-03'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2018-03-28T22:00:00

Updated: 2024-11-15T17:53:36.611Z

Reserved: 2017-11-27T00:00:00

Link: CVE-2018-0158

Vulnrichment

Updated: 2024-08-05T03:14:17.087Z

NVD

Status : Analyzed

Published: 2018-03-28T22:29:00.547

Modified: 2025-01-27T20:16:35.513

Link: CVE-2018-0158

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Cisco IOS and IOS XE", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cisco IOS and IOS XE"}]}], "datePublic": "2018-03-28T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-04-19T13:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "103566", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/103566"}, {"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03"}, {"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike"}, {"name": "1040595", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1040595"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2018-0158", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco IOS and IOS XE", "version": {"version_data": [{"version_value": "Cisco IOS and IOS XE"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "103566", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103566"}, {"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03"}, {"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"}, {"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike"}, {"name": "1040595", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040595"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:14:17.087Z"}, "title": "CVE Program Container", "references": [{"name": "103566", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/103566"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike"}, {"name": "1040595", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1040595"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-08T17:27:29.888061Z", "id": "CVE-2018-0158", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2018-0158"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-15T17:53:36.611Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2018-0158", "datePublished": "2018-03-28T22:00:00", "dateReserved": "2017-11-27T00:00:00", "dateUpdated": "2024-11-15T17:53:36.611Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.securityfocus.com/bid/103566", "name": "103566", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.securitytracker.com/id/1040595", "name": "1040595", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:14:17.087Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2018-0158", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-08T17:27:29.888061Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2018-0158"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-08T16:06:36.744Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "Cisco IOS and IOS XE", "versions": [{"status": "affected", "version": "Cisco IOS and IOS XE"}]}], "datePublic": "2018-03-28T00:00:00", "references": [{"url": "http://www.securityfocus.com/bid/103566", "name": "103566", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03", "tags": ["x_refsource_MISC"]}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04", "tags": ["x_refsource_MISC"]}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.securitytracker.com/id/1040595", "name": "1040595", "tags": ["vdb-entry", "x_refsource_SECTRACK"]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2018-04-19T13:57:01"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "Cisco IOS and IOS XE"}]}, "product_name": "Cisco IOS and IOS XE"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/103566", "name": "103566", "refsource": "BID"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03", "refsource": "MISC"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04", "refsource": "MISC"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike", "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike", "refsource": "CONFIRM"}, {"url": "http://www.securitytracker.com/id/1040595", "name": "1040595", "refsource": "SECTRACK"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2018-0158", "STATE": "PUBLIC", "ASSIGNER": "psirt@cisco.com"}}}}, "cveMetadata": {"cveId": "CVE-2018-0158", "state": "PUBLISHED", "dateUpdated": "2024-11-15T17:53:36.611Z", "dateReserved": "2017-11-27T00:00:00", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2018-03-28T22:00:00", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-03-17", "cisaExploitAdd": "2022-03-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Cisco IOS and XE Software Internet Key Exchange Memory Leak Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3126916B-968A-4C85-A963-1AAA418DB52E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.2:*:*:*:*:*:*:*", "matchCriteriaId": "1CFEC4B0-3EA4-40D3-A197-7942F4A9807C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.4:*:*:*:*:*:*:*", "matchCriteriaId": "1BB36C60-F393-4FC1-ADE8-B83FAABBB17B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.5:*:*:*:*:*:*:*", "matchCriteriaId": "E807206F-26A1-40FF-A3AC-F819660D4AB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.7:*:*:*:*:*:*:*", "matchCriteriaId": "E769D555-76B6-4EF0-8996-87B8775D40EC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.8:*:*:*:*:*:*:*", "matchCriteriaId": "E878525D-7FF5-42C7-899B-8C56360246C9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.9:*:*:*:*:*:*:*", "matchCriteriaId": "D2F0AD0E-313F-49FF-AD9A-0DFB643D38A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.10:*:*:*:*:*:*:*", "matchCriteriaId": "B2C28AD2-24CD-49DD-8883-4C4351E8A3F8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.11:*:*:*:*:*:*:*", "matchCriteriaId": "75421C15-4E2A-4F56-ABD8-4592E686B60E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.12:*:*:*:*:*:*:*", "matchCriteriaId": "00B75EED-9A20-4C5F-907E-E1C73476B700", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*", "matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*", "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*", "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*", "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4EF130D-747B-4A10-84E9-94796C819755", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.2:*:*:*:*:*:*:*", "matchCriteriaId": "ACE49E6B-9DE9-4AA3-8AA1-58958D98BD5A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.4:*:*:*:*:*:*:*", "matchCriteriaId": "97E48CD3-1C0B-4925-A852-3FFF5AFBF67C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B951A529-F0EB-4042-A2B9-C7D37D4CCB94", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.7:*:*:*:*:*:*:*", "matchCriteriaId": "DFBDA3E6-17F0-45B9-8DC4-6A90B45272D7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.8:*:*:*:*:*:*:*", "matchCriteriaId": "BB99039D-BA07-45FC-85E8-691AF9D0B764", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.9:*:*:*:*:*:*:*", "matchCriteriaId": "28258348-0537-41D9-801E-22F771BC9D87", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.10:*:*:*:*:*:*:*", "matchCriteriaId": "A533BCC3-5C12-41F3-B43E-11121D74F623", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.11:*:*:*:*:*:*:*", "matchCriteriaId": "FB2EDC53-4BED-40CC-BC76-D714FB637F47", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.12:*:*:*:*:*:*:*", "matchCriteriaId": "74A50D40-737E-4B9F-BDE0-19F111B5A98B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*", "matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*", "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*", "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*", "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3126916B-968A-4C85-A963-1AAA418DB52E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.2:*:*:*:*:*:*:*", "matchCriteriaId": "1CFEC4B0-3EA4-40D3-A197-7942F4A9807C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.4:*:*:*:*:*:*:*", "matchCriteriaId": "1BB36C60-F393-4FC1-ADE8-B83FAABBB17B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.5:*:*:*:*:*:*:*", "matchCriteriaId": "E807206F-26A1-40FF-A3AC-F819660D4AB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.7:*:*:*:*:*:*:*", "matchCriteriaId": "E769D555-76B6-4EF0-8996-87B8775D40EC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.8:*:*:*:*:*:*:*", "matchCriteriaId": "E878525D-7FF5-42C7-899B-8C56360246C9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.9:*:*:*:*:*:*:*", "matchCriteriaId": "D2F0AD0E-313F-49FF-AD9A-0DFB643D38A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.10:*:*:*:*:*:*:*", "matchCriteriaId": "B2C28AD2-24CD-49DD-8883-4C4351E8A3F8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.11:*:*:*:*:*:*:*", "matchCriteriaId": "75421C15-4E2A-4F56-ABD8-4592E686B60E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1.12:*:*:*:*:*:*:*", "matchCriteriaId": "00B75EED-9A20-4C5F-907E-E1C73476B700", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4EF130D-747B-4A10-84E9-94796C819755", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.2:*:*:*:*:*:*:*", "matchCriteriaId": "ACE49E6B-9DE9-4AA3-8AA1-58958D98BD5A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.4:*:*:*:*:*:*:*", "matchCriteriaId": "97E48CD3-1C0B-4925-A852-3FFF5AFBF67C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B951A529-F0EB-4042-A2B9-C7D37D4CCB94", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.7:*:*:*:*:*:*:*", "matchCriteriaId": "DFBDA3E6-17F0-45B9-8DC4-6A90B45272D7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.8:*:*:*:*:*:*:*", "matchCriteriaId": "BB99039D-BA07-45FC-85E8-691AF9D0B764", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.9:*:*:*:*:*:*:*", "matchCriteriaId": "28258348-0537-41D9-801E-22F771BC9D87", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.10:*:*:*:*:*:*:*", "matchCriteriaId": "A533BCC3-5C12-41F3-B43E-11121D74F623", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.11:*:*:*:*:*:*:*", "matchCriteriaId": "FB2EDC53-4BED-40CC-BC76-D714FB637F47", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:15.5\\(3\\)s1.12:*:*:*:*:*:*:*", "matchCriteriaId": "74A50D40-737E-4B9F-BDE0-19F111B5A98B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5900:-:*:*:*:*:*:*:*", "matchCriteriaId": "1609D07F-FF2D-49D8-8672-9C512A69479D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394."}, {"lang": "es", "value": "Una vulnerabilidad en el m\u00f3dulo Internet Key Exchange Version 2 (IKEv2) de Cisco IOS Software y Cisco IOS XE Software podr\u00eda permitir que un atacante remoto no autenticado provoque una fuga de memoria o que reinicie un dispositivo afectado para provocar una denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe al procesamiento incorrecto de determinados paquetes IKEv2. Un atacante podr\u00eda explotar esta vulnerabilidad enviando paquetes IKEv2 manipulados al dispositivo afectado para que los procese. Un exploit con \u00e9xito podr\u00eda dar lugar a que el dispositivo afectado consumiese memoria continuamente y, finalmente, se reiniciase, provocando una denegaci\u00f3n de servicio (DoS). Cisco Bug IDs: CSCvf22394."}], "id": "CVE-2018-0158", "lastModified": "2025-01-27T20:16:35.513", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-03-28T22:29:00.547", "references": [{"source": "psirt@cisco.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/103566"}, {"source": "psirt@cisco.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040595"}, {"source": "psirt@cisco.com", "tags": ["Third Party Advisory", "US Government Resource", "VDB Entry"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03"}, {"source": "psirt@cisco.com", "tags": ["Third Party Advisory", "US Government Resource", "VDB Entry"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"}, {"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/103566"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040595"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource", "VDB Entry"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource", "VDB Entry"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "psirt@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Exploitation active

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object