A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701.

Metrics

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:A/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Cisco
  • 1120 Connected Grid Router
  • 1240 Connected Grid Router
  • 1905 Serial Integrated Services Router
  • 1906c Integrated Services Router
  • 1921 Integrated Services Router
  • 1941 Integrated Services Router
  • 1941w Integrated Services Router
  • 2010 Connected Grid Router
  • 2901 Integrated Services Router
  • 2911 Integrated Services Router
  • 2911a Integrated Services Router
  • 2921 Integrated Services Router
  • 2951 Integrated Services Router
  • 3925 Integrated Services Router
  • 3925e Integrated Services Router
  • 3945 Integrated Services Router
  • 3945e Integrated Services Router
  • 5915 Embedded Service Router
  • 5921 Embedded Services Router
  • 5940 Embedded Services Router
  • 800 Series Routers
  • 800m Integrated Services Router
  • 809 Industrial Integrated Services Router
  • 812 3g Integrated Services Router
  • 812 Cifi Integrated Services Router
  • 819 Hardened 3g
  • 819 Hardened Dual Radio 802.11n Wifi Integrated Services Router
  • 819 Hardened Integrated Services Router
  • 819 Integrated Services Router
  • 819 Non-hardened 4g Lte M2m
  • 819 Non-hardened Secure Multi-mode 4g Lte M2m Isr Router
  • 829 Industrial Integrated Services Router
  • 860vae-w Integrated Services Router
  • 861 Integrated Services Router
  • 861w Integrated Services Router
  • 866vae Integrated Services Router
  • 867vae Integrated Services Router
  • 880-voice Integrated Services Router
  • 881-cube Integrated Services Router
  • 881 3g
  • 881 3g Integrated Services Router
  • 881 Secure Fast Ethernet
  • 881w Integrated Services Router
  • 886va-cube Integrated Services Router
  • 886va-w Integrated Services Router
  • 886va Integrated Services Router
  • 886vag 3g Integrated Services Router
  • 887 Multi-mode Vdsl2\/asdl2\+ Pots
  • 887va-cube Integrated Services Router
  • 887va-w Integrated Services Router
  • 887va Integrated Services Router
  • 887vag 3g Integrated Services Router
  • 887vagw 3g
  • 887vam-w Integrated Services Router
  • 887vamg 3g Integrated Services Router
  • 888-cube Integrated Services Router
  • 888 Integrated Services Router
  • 888e-cube Integrated Services Router
  • 888e Integrated Services Router
  • 888eg 3g Integrated Services Router
  • 888w Integrated Services Router
  • 891-24x Integrated Services Router
  • 891 Integrated Services Router
  • 891w Integrated Services Router
  • 892 Integrated Services Router
  • 892f-cube Integrated Services Router
  • 892w Integrated Services Router
  • 896 Multi-mode Vdsl2\/adsl2\+ Isdn
  • 897 Multi-mode Vdsl2\/adsl2\+ Pots
  • 897 Multi-mode Vdsl2\/adsl2\+ Pots Annex M
  • 898 Secure G.shdsl Efm\/atm
  • C866vae Integrated Services Router
  • C867vae Integrated Services Router
  • C881 Integrated Services Router
  • C881w Integrated Services Router
  • C886va Integrated Services Routers
  • C886vaj Integrated Services Router
  • C887va Integrated Services Routers
  • C887vam Integrated Services Routers
  • C888 Integrated Services Router
  • C888ea Integrated Services Router
  • C891f Integrated Services Routers
  • C891fw Integrated Services Router
  • C892fsp Integrated Services Router
  • C896va Integrated Services Router
  • C897va-m Integrated Services Router
  • C897va Integrated Services Router
  • C897vam-w Integrated Services Router
  • C897vaw Integrated Services Router
  • C898ea Integrated Services Router
  • C899 Secure Gigabit Ethernet
  • Ios
  • Vg204xm Analog Voice Gateway
  • Vg350 Analog Voice Gateway
  • Vg3x0 Analog Voice Gateway
Rockwellautomation
  • Stratix 5900

Configuration 1 [-]

AND
OR cpe:2.3:h:cisco:1120_connected_grid_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1240_connected_grid_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1905_serial_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1906c_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1921_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1941_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1941w_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2010_connected_grid_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2901_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2911_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2911a_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2921_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:2951_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:3925_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:3925e_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:3945_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:3945e_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:5915_embedded_service_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:5921_embedded_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:5940_embedded_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:800_series_routers:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:800m_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:812_3g_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:812_cifi_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:819_hardened_3g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:819_hardened_dual_radio_802.11n_wifi_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:819_hardened_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:819_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:819_non-hardened_4g_lte_m2m:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:819_non-hardened_secure_multi-mode_4g_lte_m2m_isr_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:860vae-w_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:861_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:861w_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:866vae_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:867vae_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:880-voice_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:881-cube_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:881_3g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:881_3g_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:881_secure_fast_ethernet:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:881w_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:886va-cube_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:886va-w_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:886va_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:886vag_3g_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:887_multi-mode_vdsl2\/asdl2\+_pots:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:887va-cube_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:887va-w_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:887va_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:887vag_3g_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:887vagw_3g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:887vam-w_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:887vamg_3g_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:888-cube_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:888_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:888e-cube_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:888e_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:888eg_3g_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:888w_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:891-24x_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:891_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:891w_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:892_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:892f-cube_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:892w_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:896_multi-mode_vdsl2\/adsl2\+_isdn:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:897_multi-mode_vdsl2\/adsl2\+_pots:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:897_multi-mode_vdsl2\/adsl2\+_pots_annex_m:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:898_secure_g.shdsl_efm\/atm:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c866vae_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c867vae_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c881_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c881w_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c886va_integrated_services_routers:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c886vaj_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c887va_integrated_services_routers:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c887vam_integrated_services_routers:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c888_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c888ea_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c891f_integrated_services_routers:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c891fw_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c892fsp_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c896va_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c897va-m_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c897va_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c897vam-w_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c897vaw_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c898ea_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c899_secure_gigabit_ethernet:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vg204xm_analog_voice_gateway:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vg350_analog_voice_gateway:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:vg3x0_analog_voice_gateway:-:*:*:*:*:*:*:*
cpe:2.3:h:rockwellautomation:stratix_5900:-:*:*:*:*:*:*:*
OR cpe:2.3:o:cisco:ios:15.4\(3\)m6:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.4\(3\)m6a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.4\(3\)m7:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.4\(3\)m7a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.4\(3\)m8:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.4\(3.0i\)m6:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)m3:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)m4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)m4a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)m4b:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)m4c:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)m5:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)m5a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)m6:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(3\)m6a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(1\)t2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(1\)t3:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(2\)t1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(2\)t2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(2\)t3:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(3\)m:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(3\)m0a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(3\)m1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(3\)m1a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(3\)m1b:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(3\)m2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(3\)m2a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(3\)m3:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.6\(3\)m3a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.7\(3\)m:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.7\(3\)m0a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.7\(3\)m1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.7\(3\)m2:*:*:*:*:*:*:*

No data.

References
Link Providers
http://www.securityfocus.com/bid/103571 cve-icon cve-icon
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dot1x cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2018-03-28T22:00:00

Updated: 2024-08-05T03:14:16.957Z

Reserved: 2017-11-27T00:00:00

Link: CVE-2018-0163

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2018-03-28T22:29:00.750

Modified: 2021-04-28T22:38:37.293

Link: CVE-2018-0163

cve-icon Redhat

No data.