Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.9
CVSSv3

CVE-2018-5389

Published: 06/09/2018 Updated: 09/10/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Ietf

Vulnerability Summary

The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode, however, only an online attack against PSK authentication was thought to be feasible. This vulnerability could allow an malicious user to recover a weak Pre-Shared Key or enable the impersonation of a victim host or network.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ietf internet key exchange 1.0

Vendor Advisories

Red Hat: CVE-2018-5389
It was found that IKEv1 (and potentially IKEv2) authentication when using a pre-shared key (PSK) is vulnerable to offline dictionary attacks in Main Mode as well as in Aggressive Mode A man-in-the-middle attacker who intercepted the handshake of two peers authenticating with a PSK, could apply a brute-force attack to recover the shared secret ...

References

CWE-521https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdfhttps://www.kb.cert.org/vuls/id/857035https://web-in-security.blogspot.com/2018/08/practical-dictionary-attack-on-ipsec-ike.htmlhttps://blogs.cisco.com/security/great-cipher-but-where-did-you-get-that-keyhttps://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2018-5389https://www.kb.cert.org/vuls/id/857035
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook