Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2242
Views
0
Helpful
4
Replies

Vulnerability is found in cisco router

Go to solution
Leftz
Level 4
Level 4

‎04-13-2022 12:07 PM

 

Hi 

When tenable scan, we got vulnerability info as below. Any solution can be used for this issue? Thank you 

A remote device is affected by an information disclosure

The IKE service running on the remote Cisco IOS device is affected by
an information disclosure vulnerability, known as BENIGNCERTAIN, in
the Internet Key Exchange version 1 (IKEv1) subsystem due to improper
handling of IKEv1 security negotiation requests. An unauthenticated,
remote attacker can exploit this issue, via a specially crafted IKEv1
packet, to disclose memory contents, resulting in the disclosure of
confidential information including credentials and configuration
settings.

BENIGNCERTAIN is one of multiple Equation Group vulnerabilities and
exploits disclosed on 2016/08/14 by a group known as the Shadow
Brokers.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎04-13-2022 12:18 PM - edited ‎04-13-2022 12:20 PM

@Leftz are you even using IKEv1 on this router? If not remove your IKEv1 policies, including the default

 

Else...

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1

 

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Rob Ingram
VIP
VIP

‎04-13-2022 12:18 PM - edited ‎04-13-2022 12:20 PM

@Leftz are you even using IKEv1 on this router? If not remove your IKEv1 policies, including the default

 

Else...

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1

 

0 Helpful

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎04-13-2022 03:57 PM

Upgrade the firmware of the router to a version which fixes this vulnerability.

0 Helpful

Go to solution
Leftz
Level 4
Level 4

‎04-25-2022 02:36 PM

@Rob Ingram Which command can confirm it is using IKEv1 or v2?

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to Leftz

‎04-25-2022 11:53 PM

@Leftz Use "show crypto ikev1 sa" or "show crypto ikev2 sa" that will confirm if you are using either IKE version. Your configuration would also indicate which version you are using.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card