A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701.
References
| Link | Resource |
|---|---|
| http://www.securityfocus.com/bid/103571 | Third Party Advisory VDB Entry |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dot1x | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
No history.
Information
Published : 2018-03-28 22:29
Updated : 2024-02-04 19:46
NVD link : CVE-2018-0163
Mitre link : CVE-2018-0163
CVE.ORG link : CVE-2018-0163
JSON object : View
Products Affected
cisco
- c897vaw_integrated_services_router
- c867vae_integrated_services_router
- 861w_integrated_services_router
- 887vamg_3g_integrated_services_router
- 3945_integrated_services_router
- 887vagw_3g
- c881w_integrated_services_router
- 5921_embedded_services_router
- 888-cube_integrated_services_router
- 2911_integrated_services_router
- vg3x0_analog_voice_gateway
- 886va-cube_integrated_services_router
- 881_secure_fast_ethernet
- c897va_integrated_services_router
- 888e-cube_integrated_services_router
- 809_industrial_integrated_services_router
- c897va-m_integrated_services_router
- 2921_integrated_services_router
- 887vag_3g_integrated_services_router
- 866vae_integrated_services_router
- 892f-cube_integrated_services_router
- 898_secure_g.shdsl_efm\/atm
- 819_hardened_dual_radio_802.11n_wifi_integrated_services_router
- 819_integrated_services_router
- 887_multi-mode_vdsl2\/asdl2\+_pots
- 881_3g_integrated_services_router
- 819_hardened_3g
- 3945e_integrated_services_router
- 3925e_integrated_services_router
- 812_cifi_integrated_services_router
- c899_secure_gigabit_ethernet
- vg204xm_analog_voice_gateway
- 819_non-hardened_secure_multi-mode_4g_lte_m2m_isr_router
- 1240_connected_grid_router
- 829_industrial_integrated_services_router
- c892fsp_integrated_services_router
- 2010_connected_grid_router
- c881_integrated_services_router
- 5915_embedded_service_router
- c891fw_integrated_services_router
- 800m_integrated_services_router
- 819_hardened_integrated_services_router
- 886va-w_integrated_services_router
- c888_integrated_services_router
- 5940_embedded_services_router
- 892w_integrated_services_router
- 881-cube_integrated_services_router
- 1941_integrated_services_router
- 800_series_routers
- 2911a_integrated_services_router
- 1921_integrated_services_router
- 3925_integrated_services_router
- c898ea_integrated_services_router
- 891w_integrated_services_router
- 1941w_integrated_services_router
- c887va_integrated_services_routers
- 886va_integrated_services_router
- c886vaj_integrated_services_router
- c888ea_integrated_services_router
- 888_integrated_services_router
- 812_3g_integrated_services_router
- 880-voice_integrated_services_router
- 881_3g
- 887vam-w_integrated_services_router
- 867vae_integrated_services_router
- 861_integrated_services_router
- 860vae-w_integrated_services_router
- 897_multi-mode_vdsl2\/adsl2\+_pots_annex_m
- 1906c_integrated_services_router
- 1905_serial_integrated_services_router
- 888e_integrated_services_router
- c891f_integrated_services_routers
- 819_non-hardened_4g_lte_m2m
- c887vam_integrated_services_routers
- 887va-cube_integrated_services_router
- ios
- 888w_integrated_services_router
- 891-24x_integrated_services_router
- 887va-w_integrated_services_router
- vg350_analog_voice_gateway
- c896va_integrated_services_router
- 897_multi-mode_vdsl2\/adsl2\+_pots
- c866vae_integrated_services_router
- 886vag_3g_integrated_services_router
- 892_integrated_services_router
- c886va_integrated_services_routers
- c897vam-w_integrated_services_router
- 896_multi-mode_vdsl2\/adsl2\+_isdn
- 887va_integrated_services_router
- 888eg_3g_integrated_services_router
- 881w_integrated_services_router
- 1120_connected_grid_router
- 2951_integrated_services_router
- 2901_integrated_services_router
- 891_integrated_services_router
rockwellautomation
- stratix_5900
CWE
CWE-287
Improper Authentication