Vulnerability Details : CVE-2018-5389
The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode, however, only an online attack against PSK authentication was thought to be feasible. This vulnerability could allow an attacker to recover a weak Pre-Shared Key or enable the impersonation of a victim host or network.
Exploit prediction scoring system (EPSS) score for CVE-2018-5389
Probability of exploitation activity in the next 30 days: 0.21%
Percentile (the proportion of vulnerabilities scored at or below this one): ~58%
CVSS scores for CVE-2018-5389
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N | 8.6 | 2.9 | NIST |
5.9 | MEDIUM | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 | NIST |
CWE ids for CVE-2018-5389
- Nonces should be used for the present occasion and only once. Assigned by: cret@cert.org (Secondary)
- The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts. Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-5389
- https://web-in-security.blogspot.com/2018/08/practical-dictionary-attack-on-ipsec-ike.html
  On Web-Security and -Insecurity: Practical Dictionary Attack on IPsec IKE (Exploit; Third Party Advisory)
- https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf
  (Third Party Advisory)
- https://blogs.cisco.com/security/great-cipher-but-where-did-you-get-that-key
  Great Cipher, But Where Did You Get That Key? - Cisco Blog (Third Party Advisory)
- https://www.kb.cert.org/vuls/id/857035
  VU#857035 - IKEv1 Main Mode vulnerable to brute force attacks (Third Party Advisory; US Government Resource)
Products affected by CVE-2018-5389
- cpe:2.3:a:ietf:internet_key_exchange:1.0:*:*:*:*:*:*:*