PT-2018-1452 · Cisco · Cisco IOS XE +1

Published 2018-08-13 · Updated 2019-10-09 · CVE-2018-0131

CVSS v3.1: 5.9 Medium

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Cisco IOS and Cisco IOS XE (affected versions not specified)

Description

The issue is related to errors in decrypting traffic in the implementation of the Internet Key Exchange (IKE) protocol in Cisco IOS and Cisco IOS XE. This could allow a remote attacker to obtain session keys and decrypt traffic by sending specially crafted data packets to the device. The vulnerability exists because the affected software responds incorrectly to decryption failures, allowing an attacker to exploit this by sending crafted ciphertexts to a device configured with IKEv1 that uses RSA-encrypted nonces. A successful exploit could allow the attacker to obtain the encrypted nonces.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
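
The exposure condition named in the description is a device configured with IKEv1 that uses RSA-encrypted nonces. The following is an added example, not part of the original advisory or of Cisco's tooling: a Python check that scans a saved running-config for IKEv1 policies using that authentication method. It assumes the IOS syntax `crypto isakmp policy <priority>` with the sub-command `authentication rsa-encr`; the sample configuration is constructed.

```python
import re

# Constructed sample running-config (not from a real device).
SAMPLE_CONFIG = """\
crypto isakmp policy 10
 encr aes 256
 authentication rsa-encr
 group 14
!
crypto isakmp policy 20
 encr aes
 authentication pre-share
!
crypto isakmp policy 30
 encr aes
!
interface GigabitEthernet0/0
 ip address 192.0.2.1 255.255.255.0
"""

POLICY_RE = re.compile(r"^crypto isakmp policy (\d+)\s*$")
AUTH_RE = re.compile(r"^\s+authentication\s+(\S+)")

def isakmp_auth_methods(config_text):
    """Map IKEv1 policy priority -> authentication method.
    A policy without an 'authentication' line gets 'rsa-sig' (IOS default)."""
    policies, current = {}, None
    for line in config_text.splitlines():
        m = POLICY_RE.match(line)
        if m:
            current = int(m.group(1))
            policies[current] = "rsa-sig"
        elif not line.startswith(" "):
            current = None              # left the policy sub-mode
        elif current is not None:
            a = AUTH_RE.match(line)
            if a:
                policies[current] = a.group(1)
    return policies

def rsa_encr_policies(config_text):
    """Priorities of IKEv1 policies that use RSA-encrypted nonces."""
    methods = isakmp_auth_methods(config_text)
    return sorted(p for p, a in methods.items() if a == "rsa-encr")

if __name__ == "__main__":
    print("IKEv1 policies using rsa-encr:", rsa_encr_policies(SAMPLE_CONFIG))
```

A non-empty result means the device matches the configuration the description calls out and should be prioritized for review.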

Weakness Enumeration

Inadequate Encryption Strength

Related Identifiers

BDU:2018-01003
CVE-2018-0131

Affected Products

Cisco IOS
Cisco IOS XE