Vulnerability Details CVE-2018-8753
The IKEv1 implementation in Clavister cOS Core before 11.00.11, 11.20.xx before 11.20.06, and 12.00.xx before 12.00.09 allows remote attackers to decrypt RSA-encrypted nonces by leveraging a Bleichenbacher attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.3%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
- https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html
- https://www.clavister.com/advisories/security/clav-sa-0157-bleichenbacher-oracle-vulnerability-in-ikev1
- https://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.html
- https://www.clavister.com/advisories/security/clav-sa-0157-bleichenbacher-oracle-vulnerability-in-ikev1
Products affected by CVE-2018-8753
-
cpe:2.3:a:clavister:cos_core:*
-
cpe:2.3:a:clavister:cos_core:11.20.00
-
cpe:2.3:a:clavister:cos_core:12.00.00
-
cpe:2.3:a:clavister:cos_core:12.00.01
-
cpe:2.3:a:clavister:cos_core:12.00.02
-
cpe:2.3:a:clavister:cos_core:12.00.03
-
cpe:2.3:a:clavister:cos_core:12.00.04
-
cpe:2.3:a:clavister:cos_core:12.00.05
-
cpe:2.3:a:clavister:cos_core:12.00.06
-
cpe:2.3:a:clavister:cos_core:12.00.07
-
cpe:2.3:a:clavister:cos_core:12.00.08