CVE-2018-0163 - Vulnerability Details

A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Cisco	1120 Connected Grid Router 1240 Connected Grid Router 1905 Serial Integrated Services Router 1906c Integrated Services Router 1921 Integrated Services Router 1941 Integrated Services Router 1941w Integrated Services Router 2010 Connected Grid Router 2901 Integrated Services Router 2911 Integrated Services Router 2911a Integrated Services Router 2921 Integrated Services Router 2951 Integrated Services Router 3925 Integrated Services Router 3925e Integrated Services Router 3945 Integrated Services Router 3945e Integrated Services Router 5915 Embedded Service Router 5921 Embedded Services Router 5940 Embedded Services Router 800 Series Routers 800m Integrated Services Router 809 Industrial Integrated Services Router 812 3g Integrated Services Router 812 Cifi Integrated Services Router 819 Hardened 3g 819 Hardened Dual Radio 802.11n Wifi Integrated Services Router 819 Hardened Integrated Services Router 819 Integrated Services Router 819 Non-hardened 4g Lte M2m 819 Non-hardened Secure Multi-mode 4g Lte M2m Isr Router 829 Industrial Integrated Services Router 860vae-w Integrated Services Router 861 Integrated Services Router 861w Integrated Services Router 866vae Integrated Services Router 867vae Integrated Services Router 880-voice Integrated Services Router 881-cube Integrated Services Router 881 3g 881 3g Integrated Services Router 881 Secure Fast Ethernet 881w Integrated Services Router 886va-cube Integrated Services Router 886va-w Integrated Services Router 886va Integrated Services Router 886vag 3g Integrated Services Router 887 Multi-mode Vdsl2\/asdl2\+ Pots 887va-cube Integrated Services Router 887va-w Integrated Services Router 887va Integrated Services Router 887vag 3g Integrated Services Router 887vagw 3g 887vam-w Integrated Services Router 887vamg 3g Integrated Services Router 888-cube Integrated Services Router 888 Integrated Services Router 888e-cube Integrated Services Router 888e Integrated Services Router 888eg 3g Integrated Services Router 888w Integrated Services Router 891-24x Integrated Services Router 891 Integrated Services Router 891w Integrated Services Router 892 Integrated Services Router 892f-cube Integrated Services Router 892w Integrated Services Router 896 Multi-mode Vdsl2\/adsl2\+ Isdn 897 Multi-mode Vdsl2\/adsl2\+ Pots 897 Multi-mode Vdsl2\/adsl2\+ Pots Annex M 898 Secure G.shdsl Efm\/atm C866vae Integrated Services Router C867vae Integrated Services Router C881 Integrated Services Router C881w Integrated Services Router C886va Integrated Services Routers C886vaj Integrated Services Router C887va Integrated Services Routers C887vam Integrated Services Routers C888 Integrated Services Router C888ea Integrated Services Router C891f Integrated Services Routers C891fw Integrated Services Router C892fsp Integrated Services Router C896va Integrated Services Router C897va-m Integrated Services Router C897va Integrated Services Router C897vam-w Integrated Services Router C897vaw Integrated Services Router C898ea Integrated Services Router C899 Secure Gigabit Ethernet Ios Vg204xm Analog Voice Gateway Vg350 Analog Voice Gateway Vg3x0 Analog Voice Gateway
Rockwellautomation	Stratix 5900

Configuration 1 [-]

AND

OR	cpe:2.3:o:cisco:ios:15.4\(3\)m6:::::::*
	cpe:2.3:o:cisco:ios:15.4\(3\)m6a:::::::*
	cpe:2.3:o:cisco:ios:15.4\(3\)m7:::::::*
	cpe:2.3:o:cisco:ios:15.4\(3\)m7a:::::::*
	cpe:2.3:o:cisco:ios:15.4\(3\)m8:::::::*
	cpe:2.3:o:cisco:ios:15.4\(3.0i\)m6:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)m3:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)m4:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)m4a:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)m4b:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)m4c:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)m5:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)m5a:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)m6:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)m6a:::::::*
	cpe:2.3:o:cisco:ios:15.6\(1\)t2:::::::*
	cpe:2.3:o:cisco:ios:15.6\(1\)t3:::::::*
	cpe:2.3:o:cisco:ios:15.6\(2\)t1:::::::*
	cpe:2.3:o:cisco:ios:15.6\(2\)t2:::::::*
	cpe:2.3:o:cisco:ios:15.6\(2\)t3:::::::*
	cpe:2.3:o:cisco:ios:15.6\(3\)m:::::::*
	cpe:2.3:o:cisco:ios:15.6\(3\)m0a:::::::*
	cpe:2.3:o:cisco:ios:15.6\(3\)m1:::::::*
	cpe:2.3:o:cisco:ios:15.6\(3\)m1a:::::::*
	cpe:2.3:o:cisco:ios:15.6\(3\)m1b:::::::*
	cpe:2.3:o:cisco:ios:15.6\(3\)m2:::::::*
	cpe:2.3:o:cisco:ios:15.6\(3\)m2a:::::::*
	cpe:2.3:o:cisco:ios:15.6\(3\)m3:::::::*
	cpe:2.3:o:cisco:ios:15.6\(3\)m3a:::::::*
	cpe:2.3:o:cisco:ios:15.7\(3\)m:::::::*
	cpe:2.3:o:cisco:ios:15.7\(3\)m0a:::::::*
	cpe:2.3:o:cisco:ios:15.7\(3\)m1:::::::*
	cpe:2.3:o:cisco:ios:15.7\(3\)m2:::::::*

OR	cpe:2.3:h:cisco:1120_connected_grid_router:-:::::::*
	cpe:2.3:h:cisco:1240_connected_grid_router:-:::::::*
	cpe:2.3:h:cisco:1905_serial_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1906c_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1921_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1941_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1941w_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:2010_connected_grid_router:-:::::::*
	cpe:2.3:h:cisco:2901_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:2911_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:2911a_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:2921_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:2951_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:3925_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:3925e_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:3945_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:3945e_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:5915_embedded_service_router:-:::::::*
	cpe:2.3:h:cisco:5921_embedded_services_router:-:::::::*
	cpe:2.3:h:cisco:5940_embedded_services_router:-:::::::*
	cpe:2.3:h:cisco:800_series_routers:-:::::::*
	cpe:2.3:h:cisco:800m_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:812_3g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:812_cifi_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:819_hardened_3g:-:::::::*
	cpe:2.3:h:cisco:819_hardened_dual_radio_802.11n_wifi_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:819_hardened_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:819_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:819_non-hardened_4g_lte_m2m:-:::::::*
	cpe:2.3:h:cisco:819_non-hardened_secure_multi-mode_4g_lte_m2m_isr_router:-:::::::*
	cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:860vae-w_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:861_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:861w_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:866vae_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:867vae_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:880-voice_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:881-cube_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:881_3g:-:::::::*
	cpe:2.3:h:cisco:881_3g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:881_secure_fast_ethernet:-:::::::*
	cpe:2.3:h:cisco:881w_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:886va-cube_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:886va-w_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:886va_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:886vag_3g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:887_multi-mode_vdsl2\/asdl2\+_pots:-:::::::*
	cpe:2.3:h:cisco:887va-cube_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:887va-w_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:887va_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:887vag_3g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:887vagw_3g:-:::::::*
	cpe:2.3:h:cisco:887vam-w_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:887vamg_3g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:888-cube_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:888_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:888e-cube_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:888e_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:888eg_3g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:888w_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:891-24x_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:891_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:891w_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:892_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:892f-cube_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:892w_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:896_multi-mode_vdsl2\/adsl2\+_isdn:-:::::::*
cpe:2.3:h:cisco:897_multi-mode_vdsl2\/adsl2\+_pots:-:::::::*
cpe:2.3:h:cisco:897_multi-mode_vdsl2\/adsl2\+_pots_annex_m:-:::::::*
cpe:2.3:h:cisco:898_secure_g.shdsl_efm\/atm:-:::::::*
cpe:2.3:h:cisco:c866vae_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c867vae_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c881_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c881w_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c886va_integrated_services_routers:-:::::::*
cpe:2.3:h:cisco:c886vaj_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c887va_integrated_services_routers:-:::::::*
cpe:2.3:h:cisco:c887vam_integrated_services_routers:-:::::::*
cpe:2.3:h:cisco:c888_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c888ea_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c891f_integrated_services_routers:-:::::::*
cpe:2.3:h:cisco:c891fw_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c892fsp_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c896va_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c897va-m_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c897va_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c897vam-w_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c897vaw_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c898ea_integrated_services_router:-:::::::*
cpe:2.3:h:cisco:c899_secure_gigabit_ethernet:-:::::::*
cpe:2.3:h:cisco:vg204xm_analog_voice_gateway:-:::::::*
cpe:2.3:h:cisco:vg350_analog_voice_gateway:-:::::::*
cpe:2.3:h:cisco:vg3x0_analog_voice_gateway:-:::::::*
cpe:2.3:h:rockwellautomation:stratix_5900:-:::::::*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/103571
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dot1x

History

Mon, 02 Dec 2024 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2018-03-28T22:00:00

Updated: 2024-12-02T20:54:54.828Z

Reserved: 2017-11-27T00:00:00

Link: CVE-2018-0163

Vulnrichment

Updated: 2024-08-05T03:14:16.957Z

NVD

Status : Modified

Published: 2018-03-28T22:29:00.750

Modified: 2024-11-21T03:37:38.443

Link: CVE-2018-0163

Redhat

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object