Vulnerability CVE-2018-5389

Vulnerability Name:

CVE-2018-5389 (CCN-148398)

Assigned:

2018-08-14

Published:

2018-08-14

Updated:

2019-10-09

Summary:

The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode, however, only an online attack against PSK authentication was thought to be feasible. This vulnerability could allow an attacker to recover a weak Pre-Shared Key or enable the impersonation of a victim host or network.

CVSS v3 Severity:

5.9 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.4 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

7.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:U/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

7.1 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): None

Vulnerability Type:

CWE-521

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2018-5389

Source: CCN
Type: US-CERT VU#857035
IKEv1 Main Mode vulnerable to brute force attacks

Source: MISC
Type: Third Party Advisory
https://blogs.cisco.com/security/great-cipher-but-where-did-you-get-that-key

Source: XF
Type: UNKNOWN
ikev1-cve20185389-info-disc(148398)

Source: CCN
Type: Web-Security and -Insecurity Blog, August 13, 2018
Practical Dictionary Attack on IPsec IKE

Source: MISC
Type: Exploit, Third Party Advisory
https://web-in-security.blogspot.com/2018/08/practical-dictionary-attack-on-ipsec-ike.html

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#857035

Source: MISC
Type: Third Party Advisory
https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf

Vulnerable Configuration:

Configuration 1:

cpe:/a:ietf:internet_key_exchange:1.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:ietf:internet_key_exchange:1.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:com.ubuntu.disco:def:201853890000000	V	CVE-2018-5389 on Ubuntu 19.04 (disco) - low.	2018-09-06
oval:com.ubuntu.bionic:def:20185389000	V	CVE-2018-5389 on Ubuntu 18.04 LTS (bionic) - low.	2018-09-06
oval:com.ubuntu.cosmic:def:201853890000000	V	CVE-2018-5389 on Ubuntu 18.10 (cosmic) - low.	2018-09-06
oval:com.ubuntu.cosmic:def:20185389000	V	CVE-2018-5389 on Ubuntu 18.10 (cosmic) - low.	2018-09-06
oval:com.ubuntu.bionic:def:201853890000000	V	CVE-2018-5389 on Ubuntu 18.04 LTS (bionic) - low.	2018-09-06
oval:com.ubuntu.trusty:def:20185389000	V	CVE-2018-5389 on Ubuntu 14.04 LTS (trusty) - low.	2018-09-06
oval:com.ubuntu.xenial:def:201853890000000	V	CVE-2018-5389 on Ubuntu 16.04 LTS (xenial) - low.	2018-09-06
oval:com.ubuntu.xenial:def:20185389000	V	CVE-2018-5389 on Ubuntu 16.04 LTS (xenial) - low.	2018-09-06

BACK