CVE-2018-0163 — MEDIUM (6.5)

Vulnerability Description

A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Cisco	Ios	15.4\(3\)m6
Cisco	1120 Connected Grid Router	-
Cisco	1240 Connected Grid Router	-
Cisco	1905 Serial Integrated Services Router	-
Cisco	1906C Integrated Services Router	-
Cisco	1921 Integrated Services Router	-
Cisco	1941 Integrated Services Router	-
Cisco	1941W Integrated Services Router	-
Cisco	2010 Connected Grid Router	-
Cisco	2901 Integrated Services Router	-
Cisco	2911 Integrated Services Router	-
Cisco	2911A Integrated Services Router	-
Cisco	2921 Integrated Services Router	-
Cisco	2951 Integrated Services Router	-
Cisco	3925 Integrated Services Router	-
Cisco	3925E Integrated Services Router	-
Cisco	3945 Integrated Services Router	-
Cisco	3945E Integrated Services Router	-
Cisco	5915 Embedded Service Router	-
Cisco	5921 Embedded Services Router	-

Related Weaknesses (CWE)

CWE-287

References

http://www.securityfocus.com/bid/103571Third Party AdvisoryVDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
http://www.securityfocus.com/bid/103571Third Party AdvisoryVDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory

FAQ

What is CVE-2018-0163?

CVE-2018-0163 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi...

How severe is CVE-2018-0163?

CVE-2018-0163 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-0163?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios, Cisco 1120 Connected Grid Router, Cisco 1240 Connected Grid Router, Cisco 1905 Serial Integrated Services Router, Cisco 1906C Integrated Services Router.