Detections
Analytics

Cisco Identity Services Engine RADIUS DoS (cisco-sa-ise-radius-dos-W7cNn7gt)

high Nessus Plugin ID 181007

Language:

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

According to its self-reported version, Cisco Identity Services Engine RADIUS Denial of Service is affected by a vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE), that could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets. This vulnerability is due to improper handling of certain RADIUS accounting requests. An attacker could exploit this vulnerability by sending a crafted authentication request to a network access device (NAD) that uses Cisco ISE for authentication, authorization, and accounting (AAA). This would eventually result in the NAD sending a RADIUS accounting request packet to Cisco ISE.
An attacker could also exploit this vulnerability by sending a crafted RADIUS accounting request packet to Cisco ISE directly if the RADIUS shared secret is known. A successful exploit could allow the attacker to cause the RADIUS process to unexpectedly restart, resulting in authentication or authorization timeouts and denying legitimate users access to the network or service. Clients already authenticated to the network would not be affected. Note: To recover the ability to process RADIUS packets, a manual restart of the affected Policy Service Node (PSN) may be required.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwe47081

See Also

http://www.nessus.org/u?dc4d8092

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe47081

Plugin Details

Severity: High

ID: 181007

File Name: cisco-sa-ise-radius-dos-W7cNn7gt.nasl

Version: 1.4

Type: combined

Family: CISCO

Published: 9/7/2023

Updated: 9/25/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2023-20243

CVSS v3

Risk Factor: High

Base Score: 8.6

Temporal Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/h:cisco:identity_services_engine, cpe:/a:cisco:identity_services_engine, cpe:/a:cisco:identity_services_engine_software

Required KB Items: Host/Cisco/ISE/version

Exploit Ease: No known exploits are available

Patch Publication Date: 9/6/2023

Vulnerability Publication Date: 9/6/2023

Reference Information

CVE: CVE-2023-20243

CISCO-SA: cisco-sa-ise-radius-dos-W7cNn7gt

IAVA: 2023-A-0459-S

CISCO-BUG-ID: CSCwe47081