A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.
The vulnerability is due to improper validation of specific IKEv1 packets.

An attacker could exploit this vulnerability by sending crafted IKEv1 packets to an affected device during an IKE negotiation.

A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition.
Cisco has released software updates that address this vulnerability.

There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike-dos
This advisory is part of the March 28, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 20 Cisco Security Advisories that describe 22 vulnerabilities.

For a complete list of the advisories and links to them, see Cisco Event Response: March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2018-0159
