CVE-2018-5389 — Weak Password Requirements in Internet KEY Exchange

CWE-521 — Weak Password Requirements CWE-325 — Missing Cryptographic Step6 documents6 sources

Severity

5.9MEDIUMNVD

EPSS

1.1%

top 22.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Strongswan Ietf Internet KEY Exchange Debian Libreswan +1 more

Timeline

PublishedSep 6

Latest updateMay 13

Description

The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode, however, only an online attack against PSK authentication was thought to be feasible. This vulnerability could allow an attacker to recover a weak Pre…

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages4 packages

▶NVDietf/internet_key_exchange1.0

▶debiandebian/libreswan

▶debiandebian/strongswan

▶CVEListV5strongswan/strongswan5.5.1

🔴Vulnerability Details

GHSA

GHSA-999m-cq5c-hqgx: The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks↗2022-05-13

▶

OSV

CVE-2018-5389: The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks↗2018-09-06

▶

📋Vendor Advisories

Red Hat

IKEv1: IKEv1 protocol vulnerability in the authentication mode with pre-shared keys in the main mode of operation↗2018-08-14

▶

Debian

CVE-2018-5389: libreswan - The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or br...↗2018

▶

💬Community

Bugzilla

CVE-2018-5389 IKEv1: IKEv1 protocol vulnerability in the authentication mode with pre-shared keys in the main mode of operation↗2018-07-19

▶