QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-0163

Back to search

CVE-2018-0163

Published: Mar 28, 2018

Modified: Dec 2, 2024

PUBLISHED

Description

A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701.

VendorProductVersions

n/a

Cisco IOS

affected
Cisco IOS

Weaknesses (CWE)

CWE-287

References

103571
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now