Executive Summary

Summary
Title IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products
Informations
Name cisco-sa-20160916-ikev1 First vendor Publication 2016-09-16
Vendor Cisco Last vendor Modification 2016-09-16
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in IKEv1 packet processing code in Cisco IOS, Cisco IOS XE and Cisco IOS XR Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information.

The vulnerability is due to insufficient condition checks in the part of the code that handles IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information.

Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1

BEGIN PGP SIGNATURE

iQIVAwUBV9xaxa89gD3EAJB5AQLT6BAA0Wu+va2D7PlcKnpHHrmYwCwdeHZr6S9h +VTOhzWh7JC1jvGWUcz1mW3IOptKvN7Wb4GY+nI8YVgXS/cd4Bo8FSwOla5MFS0J Y4LKo+kdEtrOuiXNiqMAdoExUXtCHYm08L8WbLS/ES5UEoTB5hO9EO8HA1wRQ/Yi +/6pJGmseqgINIaX2eeqi7jjRB+47lbUoS/rlWAAuzskmK76MOOLmMYosNWqIvbV Ja1f9/wr0rO9OCBuBbZsPfs9YH2sRF+q5uzxnt4bJMBN1smY/ow9dB59tV6caNff xM2CQUhB6/0EyszMRvjANt06g49nOl8hixJOzDz+TaJ2xOR//K5M8dhqguQ8J42j cK0s4ayey0ks/qOdxsK34q4Q7OuSmWrJJIAymypgJEVZ/VWK54kJIU+OOfMvNqvC cOPUfE+kjr0SHqHMJ5aNJwU3W/owCTftj5QDRinuoe0EZ/iWE45d1JMZJAQpJsTU 5XDY/QrZiu9+Drj8RsgWeoiEtpO9Wep0cIAXoOFwXE9kUGuw6yngv1H1q2BF599N kHa+5A8ULySwKWwFUa4/XGvMITAQXOLIdUFDGRfMozegFPOtDj82cepPt7yIxfPG fGKwnvi5wPT/b9JoMRIbmahNHHIKJbe6Z+J4+i7eK3Fl6Syr9HtptZIBta3lCX8Q UAD0xvStymY= =s4x7 END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-200 Information Exposure

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 10
Application 2
Hardware 286
Hardware 1
Os 6992
Os 722
Os 161

Snort® IPS/IDS

Date Description
2016-10-10 Cisco IOS Group-Prime SHA memory disclosure attempt
RuleID : 40222-community - Revision : 5 - Type : SERVER-OTHER
2016-09-16 Cisco IOS Group-Prime SHA memory disclosure attempt
RuleID : 40222 - Revision : 5 - Type : SERVER-OTHER
2016-10-10 Cisco IOS Group-Prime MD5 memory disclosure attempt
RuleID : 40221-community - Revision : 5 - Type : SERVER-OTHER
2016-09-16 Cisco IOS Group-Prime MD5 memory disclosure attempt
RuleID : 40221 - Revision : 5 - Type : SERVER-OTHER
2016-10-10 Cisco IOS Group-Prime memory disclosure exfiltration attempt
RuleID : 40220-community - Revision : 6 - Type : SERVER-OTHER
2016-09-16 Cisco IOS Group-Prime memory disclosure exfiltration attempt
RuleID : 40220 - Revision : 6 - Type : SERVER-OTHER

Metasploit Database

id Description
2016-09-29 Cisco IKE Information Disclosure

Nessus® Vulnerability Scanner

Date Description
2017-01-26 Name : A remote device is affected by an information disclosure vulnerability.
File : cisco_ikev1_info_disclosure.nasl - Type : ACT_ATTACK
2016-09-27 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20160916-ikev1-ios.nasl - Type : ACT_GATHER_INFO
2016-09-27 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20160916-ikev1-iosxe.nasl - Type : ACT_GATHER_INFO
2016-09-27 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20160916-ikev1-iosxr.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
Date Informations
2020-05-23 13:16:43
  • Multiple Updates
2017-01-28 13:25:42
  • Multiple Updates
2016-09-28 13:25:12
  • Multiple Updates
2016-09-19 21:21:08
  • Multiple Updates
2016-09-19 09:22:53
  • Multiple Updates
2016-09-17 00:22:51
  • First insertion