Executive Summary

Summary
Title IKEv1 Main Mode vulnerable to brute force attacks
Informations
NameVU#857035First vendor Publication2018-08-14
VendorVU-CERTLast vendor Modification2018-08-17
Severity (Vendor) N/ARevisionM

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#857035

IKEv1 Main Mode vulnerable to brute force attacks

Original Release date: 14 Aug 2018 | Last revised: 17 Aug 2018

Overview

Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks.

Description

The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. (CVE-2018-5389)

It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode however, only an online attack against PSK authentication was thought to be feasible.

Impact

An attacker may be able to recover a weak Pre-Shared Key.

Solution

Use Secure Passwords
Use cryptographically secure PSK values that resist brute force or dictionary attacks.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
Netgear, Inc.Not Affected18 Jul 201817 Aug 2018
3com IncUnknown18 Jul 201818 Jul 2018
ACCESSUnknown18 Jul 201818 Jul 2018
ActiontecUnknown18 Jul 201818 Jul 2018
ADTRANUnknown18 Jul 201818 Jul 2018
aep NETWORKSUnknown18 Jul 201818 Jul 2018
AirWatchUnknown18 Jul 201818 Jul 2018
Alcatel-Lucent EnterpriseUnknown18 Jul 201818 Jul 2018
AmazonUnknown18 Jul 201818 Jul 2018
Android Open Source ProjectUnknown18 Jul 201818 Jul 2018
Appgate Network SecurityUnknown18 Jul 201818 Jul 2018
AppleUnknown18 Jul 201818 Jul 2018
Arch LinuxUnknown18 Jul 201818 Jul 2018
Arista Networks, Inc.Unknown18 Jul 201818 Jul 2018
ARRISUnknown18 Jul 201818 Jul 2018
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

GroupScoreVector
Base8.8AV:N/AC:M/Au:N/C:C/I:C/A:N
Temporal7.9E:POC/RL:U/RC:--
Environmental7.9CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

References

  • https://web-in-security.blogspot.com/2018/08/practical-dictionary-attack-on-ipsec-ike.html
  • https://www.usenix.org/conference/usenixsecurity18/presentation/felsch
  • https://blogs.cisco.com/security/great-cipher-but-where-did-you-get-that-key

Credit

Thanks toMartin Grothe,Joerg Schwenk, andDennis Felsch for reporting this vulnerability.

This document was written by Trent Novelly.

Other Information

  • CVE IDs:CVE-2018-5389
  • Date Public:14 Aug 2018
  • Date First Published:14 Aug 2018
  • Date Last Updated:17 Aug 2018
  • Document Revision:14

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/857035

CWE : Common Weakness Enumeration

%idName
100 %CWE-310Cryptographic Issues

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
DateInformations
2018-11-14 21:21:45
  • Multiple Updates
2018-09-07 00:21:31
  • Multiple Updates
2018-08-17 21:19:11
  • Multiple Updates
2018-08-15 05:17:24
  • Multiple Updates
2018-08-15 00:18:49
  • First insertion