Overview
Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks.
Description
The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. (CVE-2018-5389) It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode however, only an online attack against PSK authentication was thought to be feasible. |
Impact
An attacker may be able to recover a weak Pre-Shared Key. |
Solution
Use Secure Passwords |
Vendor Information
Netgear, Inc.
Notified: July 18, 2018 Updated: August 17, 2018
Status
Not Affected
Vendor Statement
NETGEAR is aware of the CERT CC IKE Protocol Vulnerability note and the mention of NETGEAR devices being affected. Currently shipping NETGEAR hardware products are not affected by this vulnerability because they do not implement IPSEC with IKE and Pre-Shared Keys. Older models that are no longer supported have provided IPSEC functionality; if those are still in service, the CERT advisory applies. Best practice when using Pre-Shared Keys is to ensure that Pre-Shared Keys are long and cryptographically strong. None of our currently shipping hardware products are affected.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
3com Inc
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
ACCESS
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
ADTRAN
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
ARRIS
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
ASP Linux
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
AT&T
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
AVM GmbH
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Actiontec
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
AirWatch
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Alcatel-Lucent Enterprise
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Amazon
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Android Open Source Project
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Appgate Network Security
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Apple
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Arch Linux
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Arista Networks, Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Aruba Networks
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
AsusTek Computer Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Avaya, Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Belkin, Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
BlackBerry
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
BlueCat Networks, Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Broadcom
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Brocade Communication Systems
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Cambium Networks
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Check Point Software Technologies
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Cisco
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Command Software Systems
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
CoreOS
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
D-Link Systems, Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Debian GNU/Linux
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Dell
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Dell EMC
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
DesktopBSD
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Deutsche Telekom
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Devicescape
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Digi International
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
DragonFly BSD Project
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
EfficientIP SAS
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Espressif Systems
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Extreme Networks
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
F-Secure Corporation
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Fedora Project
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Force10 Networks
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
FreeS/Wan
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Fujitsu
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
GNU glibc
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Geexbox
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Gentoo Linux
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
HP Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
HTC
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
HardenedBSD
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Hitachi
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Honeywell
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Huawei Technologies
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
IBM Corporation (zseries)
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
IBM eServer
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
IBM, INC.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
InfoExpress, Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Infoblox
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Intel
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Internet Systems Consortium
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Internet Systems Consortium - DHCP
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Interniche Technologies, inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Intoto
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Joyent
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Juniper Networks
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
KAME Project
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Lancope
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Lantronix
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Lenovo
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Linksys
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Marvell Semiconductors
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
McAfee
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
MediaTek
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
MetaSwitch
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Micro Focus
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Microchip Technology
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Microsoft
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
MikroTik
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Miredo
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Mitel Networks, Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
NEC Corporation
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
NETSCOUT
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
NetBSD
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Nokia
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Nominum
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Novell, Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
OmniTI
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
OpenBSD
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
OpenBSD IPSec
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
OpenConnect
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
OpenDNS
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Openwall GNU/*/Linux
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Oracle Corporation
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Peplink
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Philips Electronics
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
PowerDNS
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Pulse Secure
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
QLogic
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
QNX Software Systems Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
QUALCOMM Incorporated
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Quagga
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Quantenna Communications
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Red Hat, Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Roku
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Ruckus Wireless
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
SUSE Linux
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Samsung Mobile
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Secure64 Software Corporation
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Sierra Wireless
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Slackware Linux Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Snort
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Sonos
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Sony Corporation
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Sourcefire
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Symantec
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Synology
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
TP-LINK
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Technicolor
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
TippingPoint Technologies Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Toshiba Commerce Solutions
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
TrueOS
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Turbolinux
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Ubiquiti Networks
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Ubuntu
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Unisys
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
VMware
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Watchguard Technologies, Inc.
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Wind River
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Zebra Technologies
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
ZyXEL
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
aep NETWORKS
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
dnsmasq
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
eero
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
m0n0wall
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
netsnmp
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
pfSENSE
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
strongSwan
Notified: July 18, 2018 Updated: July 18, 2018
Status
Unknown
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | 8.8 | AV:N/AC:M/Au:N/C:C/I:C/A:N |
| Temporal | 7.9 | E:POC/RL:U/RC:-- |
| Environmental | 7.9 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND |
References
Credit
Thanks to Martin Grothe Joerg Schwenk and Dennis Felsc h for reporting this vulnerability.
This document was written by Trent Novelly.
Other Information
| CVE IDs: | CVE-2018-5389 |
| Date Public: | 2018-08-14 |
| Date First Published: | 2018-08-14 |
| Date Last Updated: | 2018-08-17 15:13 UTC |
| Document Revision: | 14 |