A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition.
The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

According to its self-reported version, Cisco IOS XE Software is affected by a denial of service (DoS) vulnerability in the Internet Key Exchange Version 2 (IKEv2) module due to incorrect processing of certain IKEv2 packets. An unauthenticated, remote attacker can exploit this, by sending crafted IKEv2 packets to an affected device, in order to cause a memory leak or a reload of an affected device, leading to a DoS condition.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

According to its self-reported version, Cisco IOS is affected by a denial of service (DoS) vulnerability in the Internet Key Exchange Version 2 (IKEv2) module due to incorrect processing of certain IKEv2 packets. An unauthenticated, remote attacker can exploit this, by sending crafted IKEv2 packets to an affected device, in order to cause a memory leak or a reload of an affected device, leading to a DoS condition.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
501767	Rockwell Automation Stratix and ArmorStratix Switches Improper Input Validation (CVE-2018-0158)	Tenable OT Security	Tenable.ot	high
131326	Cisco IOS XE Software Internet Key Exchange Memory Leak (cisco-sa-20180328-ike)	Nessus	CISCO	high
131325	Cisco IOS Software Internet Key Exchange Memory Leak (cisco-sa-20180328-ike)	Nessus	CISCO	high

Detections

Analytics

CVE-2018-0158

high

Tenable Plugins

high

high

high