CVE-2018-15372

{"id": "CVE-2018-15372", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.8, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.1, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2018-10-05T14:29:06.327", "references": [{"url": "http://www.securityfocus.com/bid/105416", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-macsec", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic through a Layer 3 interface of an affected device. The vulnerability is due to a logic error in the affected software. An attacker could exploit this vulnerability by connecting to and passing traffic through a Layer 3 interface of an affected device, if the interface is configured for MACsec MKA using EAP-TLS and is running in access-session closed mode. A successful exploit could allow the attacker to bypass 802.1x network access controls and gain access to the network."}, {"lang": "es", "value": "Una vulnerabilidad en la funcionalidad MACsec Key Agreement (MKA) empleando Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) de Cisco IOS XE Software podr\u00eda permitir que un atacante adyacente sin autenticar omita la autenticaci\u00f3n y pase tr\u00e1fico a trav\u00e9s de una interfaz Layer 3 de un dispositivo afectado. La vulnerabilidad se debe a un error de l\u00f3gica en el software afectado. Un atacante podr\u00eda explotar esta vulnerabilidad conect\u00e1ndose y pasando tr\u00e1fico mediante una interfaz Layer 3 de un dispositivo afectado, si dicha interfaz est\u00e1 configurada para MKA MACsec utilizando EAP-TLS y se est\u00e1 ejecutando en modo \"access-session closed\". Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante omita los controles de acceso de red 802.1x y obtenga acceso a la red."}], "lastModified": "2019-10-09T23:35:28.483", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "119A964D-ABC8-424D-8097-85B832A833BD"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}