Blog

IP and Mobile Trends and Education

 

Cisco IOS XE Static Credential Vulnerability (Catalyst Switches, ISR4k and ASR1k Routers)

Author:


09.04.2018

Cisco has stated that there is a vulnerability in Cisco IOS XE 16.X version (bug does not affect releases prior IOS XE 16.X)  that allows remote attacker to log in to the system with privilege 15 with default username cisco. This bug affects the platforms supported by IOS XE software, inter alia following:

 

  • Catalyst 9500, 9300 switches
  • Catalyst 3650, 3850 switches
  • ISR 4200, 4300, 4400 routers
  • ASR 1000 routers
  • ISRv, CSR1000v

 

If you have one of these and show version displays the following output:

router# show version
--- output omitted ---- (CAT3K_CAA-UNIVERSALK9-M), Version Denali 16.2.1

Immediately upgrade the system or use the workaround.

 

Possible direct workarounds:

  • delete an account by issuing no username cisco command in configuration mode
  • change the password for cisco user
  • to upgrade the IOS XE version to get rid of this vulnerability check the bug toolkit

 

Affected releases (as of 10 April 2018):
  • 16.5.1
  • Everest-16.5.1

Known fixed releases (as of 10 April 2018):

  • Everest-16.6.1
  • Everest-16.6.1a
  • Everest-16.5.2
  • 16.7(0.78)
  • 16.6.1
  • 16.6.1a
  • 16.6(0.238)
  • 16.5.2
  • 16.5(1.67)

 

The vulnaribility is described as critical and received score 9.8:

  • The Cisco bug id is: CSCve89880
  • CVSS score: 9.8
  • Vulnerability: CVE-2018-0150

 

Sources:

[1] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-xesc

[2] https://quickview.cloudapps.cisco.com/quickview/bug/CSCve89880

Author

Marcin Bialy

Marcin Biały is Network and Security Architect with over 10 years of experience, with Service Provider and Enterprise networking background. He used to work for large service providers, global vendors and integration services companies as Network Architect, Leading Architect and Techincal Solution Manager positions. He designed, implemented and supported dozens large scale projects and infrastructure migrations, solved hundreds of tickets and spent hours with CLI and GUI of many flavors. Marcin is also holding industry recognizable certificates such as CCNP, CCNA, CSSI, FCNSP, FCNSA and more.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

code


 

Newsletter