Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1522
Views
40
Helpful
9
Replies

CSCve77140 - Cisco IOS IKEv1 vulnerable to Bleichenbacher style attacks against RSA encrypted nonces

Go to solution
Lukas Runge
Level 1
Level 1

‎08-16-2018 12:52 AM

Basic question regarding Bug Search Tool

In the Bug Search I can see:
Known Affected Releases: (1)
15.5(3)S

Does it mean that every SW version before 15.5(3)S is affected as well? Like for example version 15.0.(2)SE11 ? Or does it mean that only this sw version is affected?

 

Thanks in advance!

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to Lukas Runge

‎08-16-2018 03:24 AM - edited ‎08-16-2018 03:26 AM

@Lukas Runge wrote:

Why does Cisco publish that only one SW version is affected in the bug search tool?

A very important tip:  Never, ever, trust information(s) found in Bug IDs.  

Information found in Bug IDs are seldom accurate.  Once it's published it is extremely (like pulling teeth from a hunger lion) difficult to get them updated.  It is a lot easier to raise a TAC Case and get the correct information that way. 

Security Bulletins/Advisory, however, are regularly updated (because they are viewed by wider audience). 

@Lukas Runge wrote:

Cisco IOS - yes
authentication rsa-encr -> enabled

This means you "could be" vulnerable.  I say "could be" because no known/reported exploit has (yet) been reported.
 

View solution in original post

9 Replies 9

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎08-16-2018 01:09 AM

Does your router have the command "authentication rsa-encr" in the config?

Go to solution
Lukas Runge
Level 1
Level 1
In response to Leo Laohoo

‎08-16-2018 01:13 AM

Hello @Leo Laohoo

I have read the vendor advisory, which states: This vulnerability affects Cisco IOS Software and Cisco IOS XE Software that is configured with the authentication rsa-encr option.

But my question is more kind of a basic uestion regarding the layout of the bug search. I need to know if only the indicated version is affected, or every version before that as well?

Thank you.

Go to solution
Lukas Runge
Level 1
Level 1
In response to Leo Laohoo

‎08-16-2018 01:14 AM

Hello @Leo Laohoo

 

I have read the vendor advisory, which states: This vulnerability affects Cisco IOS Software and Cisco IOS XE Software that is configured with the authentication rsa-encr option.

But my question is more kind of a basic uestion regarding the layout of the bug search. I need to know if only the indicated version is affected, or every version before that as well?

Thank you.

0 Helpful

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to Lukas Runge

‎08-16-2018 01:38 AM

Firstly, the main question is the configuration line of "authentication rsa-encr". If this line isn't present in the configuration then it's nothing to worry about.
But if the command "authentication rsa-encr" is present, the next question is whether or not the router is running Cisco IOS, IOS XE or IOS XR. If it's IOS XR, then not to worry.
However, if the command "authentication rsa-encr" is present and the router is running IOS XE or IOS then the threat is preset and it's across all versions.

Go to solution
Lukas Runge
Level 1
Level 1
In response to Leo Laohoo

‎08-16-2018 03:00 AM

Hello @Leo Laohoo

Thank you for your answer. But if this is the case:
Cisco IOS - yes
&& authentication rsa-encr -> enabled

Why does Cisco publish that only one SW version is affected in the bug search tool?

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to Lukas Runge

‎08-16-2018 03:24 AM - edited ‎08-16-2018 03:26 AM

@Lukas Runge wrote:

Why does Cisco publish that only one SW version is affected in the bug search tool?

A very important tip:  Never, ever, trust information(s) found in Bug IDs.  

Information found in Bug IDs are seldom accurate.  Once it's published it is extremely (like pulling teeth from a hunger lion) difficult to get them updated.  It is a lot easier to raise a TAC Case and get the correct information that way. 

Security Bulletins/Advisory, however, are regularly updated (because they are viewed by wider audience). 

@Lukas Runge wrote:

Cisco IOS - yes
authentication rsa-encr -> enabled

This means you "could be" vulnerable.  I say "could be" because no known/reported exploit has (yet) been reported.
 

Go to solution
Lukas Runge
Level 1
Level 1
In response to Leo Laohoo

‎08-16-2018 06:18 AM

Hi @Leo Laohoo,

me again. :)
Can you tell me the command to check if the authentication rsa-encr option is enabled?

sh run | i rsa ?

thanks in advance again

Go to solution
Lukas Runge
Level 1
Level 1
In response to Leo Laohoo

‎08-16-2018 06:22 AM

Hello @Leo Laohoo,

 

how can check if the authentication rsa-encr option is enabled?

 

(sh run | i rsa) ?

 

Thanks in advance,
Lukas

0 Helpful

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to Lukas Runge

‎08-16-2018 06:23 PM

sh run | i rsa-encr
Customers Also Viewed These Support Documents