Vulnerability Note VU#857035

IKEv1 Main Mode vulnerable to brute force attacks

Original Release date: 14 Aug 2018 | Last revised: 17 Aug 2018

Overview

Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks.

Description

The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. (CVE-2018-5389)

It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode however, only an online attack against PSK authentication was thought to be feasible.

Impact

An attacker may be able to recover a weak Pre-Shared Key.

Solution

Use Secure Passwords
Use cryptographically secure PSK values that resist brute force or dictionary attacks.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
Netgear, Inc.Not Affected18 Jul 201817 Aug 2018
3com IncUnknown18 Jul 201818 Jul 2018
ACCESSUnknown18 Jul 201818 Jul 2018
ActiontecUnknown18 Jul 201818 Jul 2018
ADTRANUnknown18 Jul 201818 Jul 2018
aep NETWORKSUnknown18 Jul 201818 Jul 2018
AirWatchUnknown18 Jul 201818 Jul 2018
Alcatel-Lucent EnterpriseUnknown18 Jul 201818 Jul 2018
AmazonUnknown18 Jul 201818 Jul 2018
Android Open Source ProjectUnknown18 Jul 201818 Jul 2018
Appgate Network SecurityUnknown18 Jul 201818 Jul 2018
AppleUnknown18 Jul 201818 Jul 2018
Arch LinuxUnknown18 Jul 201818 Jul 2018
Arista Networks, Inc.Unknown18 Jul 201818 Jul 2018
ARRISUnknown18 Jul 201818 Jul 2018
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

Group Score Vector
Base 8.8 AV:N/AC:M/Au:N/C:C/I:C/A:N
Temporal 7.9 E:POC/RL:U/RC:--
Environmental 7.9 CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

References

Credit

Thanks to Martin Grothe , Joerg Schwenk , and Dennis Felsc h for reporting this vulnerability.

This document was written by Trent Novelly.

Other Information

  • CVE IDs: CVE-2018-5389
  • Date Public: 14 Aug 2018
  • Date First Published: 14 Aug 2018
  • Date Last Updated: 17 Aug 2018
  • Document Revision: 14

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.