CVE-2018-0150
Published 2018-03-28
Priority: P1 · 86 · critical · 9.8 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
ITW · VulnCheck KEV
Exploited in the wild
EPSS: 4.82% (90.9th percentile)
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected release of Cisco IOS XE Software with the default username and password that are used at initial boot, aka a Static Credential Vulnerability. The vulnerability is due to an undocumented user account with privilege level 15 that has a default username and password. An attacker could exploit this vulnerability by using this account to remotely connect to an affected device. A successful exploit could allow the attacker to log in to the device with privilege level 15 access. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software Release 16.x. This vulnerability does not affect Cisco IOS XE Software releases prior to Release 16.x. Cisco Bug IDs: CSCve89880.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
Detection & IOCs
- Detect use of the undocumented privilege level 15 default account introduced in Cisco IOS XE Software Release 16.x by monitoring for unexpected successful logins at privilege level 15 that use the initial-boot default credentials.
- Scope detection to Cisco IOS XE Software Release 16.x only; releases prior to 16.x are not affected and should not trigger alerts for this CVE.
- Alert on remote logins to Cisco IOS XE devices that succeed with privilege level 15 access from a party that holds no assigned credentials, which is indicative of exploitation of the static/hardcoded credential.
- The vulnerability involves a hardcoded/static credential (CWE-798) for an undocumented account. Verify that affected devices are running IOS XE Release 16.x and check for the presence of the undocumented user account (Bug IDs: CSCve89880, CSCve76719). Workarounds exist per the Cisco advisory.
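One way to run the scoping and account-presence checks above offline against collected `show version` and `show running-config` text. This is an added example, not code from Cisco or from this page; the function names, the `approved` allowlist and the sample device output are constructed, and it assumes the undocumented account is visible as a `username` line in the running configuration.

```python
import re

# Constructed sample command output (not from a real device); names are placeholders.
SAMPLE_VERSION = "Cisco IOS XE Software, Version 16.05.01b\n"
SAMPLE_CONFIG = """\
hostname edge-rtr-01
username netops privilege 15 secret 9 $9$CONSTRUCTED
username UNDOCUMENTED-PLACEHOLDER privilege 15 password 0 CONSTRUCTED
username helpdesk privilege 1 secret 9 $9$CONSTRUCTED
"""

VERSION_RE = re.compile(r"IOS[ -]XE Software.*?Version\s+(\d+)\.", re.I)
USER_RE = re.compile(r"^username[ \t]+(\S+)[ \t]*(.*)$", re.M)
CRED_RE = re.compile(r"(?:^|\s)(?:password|secret)\s")

def in_scope(show_version):
    """True only for Release 16.x; 3.x trains such as 03.16.05 are out of scope."""
    m = VERSION_RE.search(show_version)
    return bool(m) and int(m.group(1)) == 16

def priv15_users(running_config):
    """Return local usernames configured with privilege level 15."""
    users = set()
    for name, rest in USER_RE.findall(running_config):
        options = CRED_RE.split(rest, maxsplit=1)[0]  # ignore the credential text itself
        m = re.search(r"\bprivilege\s+(\d+)", options)
        if m and int(m.group(1)) == 15:
            users.add(name)
    return users

def audit(show_version, running_config, approved):
    """List privilege-15 accounts missing from the approved set on a 16.x device."""
    if not in_scope(show_version):
        return []
    return sorted(priv15_users(running_config) - set(approved))

if __name__ == "__main__":
    print(audit(SAMPLE_VERSION, SAMPLE_CONFIG, approved={"netops"}))
```

Any name the audit returns is a privilege level 15 account nobody has claimed, which is the condition to investigate on a 16.x device.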
CVSS provenance
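| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| vulncheck | | 9.8 | CRITICAL | |
| vendor_cisco | | 9.8 | CRITICAL | |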
Cisco
Cisco IOS XE Software Static Credential Vulnerability
vendor_cisco·2018-03-28·CVSS 9.8
CVE-2018-0150 [CRITICAL] CWE-798 Cisco IOS XE Software Static Credential Vulnerability
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected release of Cisco IOS XE Software with the default username and password that are used at initial boot.
The vulnerability is due to an undocumented user account with privilege level 15 that has a default username and password. An attacker could exploit this vulnerability by using this account to remotely connect to an affected device. A successful exploit could allow the attacker to log in to the device with privilege level 15 access.
Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
This advisory is available at the following link:
Cisco
Cisco IOS XE Software Static Credential Vulnerability
vendor_cisco·CVSS 3.0
CVSS: 3.0
CWE: CWE-798
Bug IDs: CSCve76719, CSCve89880, CSCve89880, CSCve7
GHSA
GHSA-wpq9-4577-qx62
ghsa_unreviewed·2022-05-13
CVE-2018-0150 [CRITICAL] CWE-798 GHSA-wpq9-4577-qx62
VulnCheck
Cisco ios_xe Use of Hard-coded Credentials
vulncheck·2018·CVSS 9.8
CVE-2018-0150 [CRITICAL] Cisco ios_xe Use of Hard-coded Credentials
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- http://www.securityfocus.com/bid/103539
- http://www.securitytracker.com/id/1040579
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-xesc