Overview
Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks.
Description
The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. (CVE-2018-5389) It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode however, only an online attack against PSK authentication was thought to be feasible. |
Impact
An attacker may be able to recover a weak Pre-Shared Key. |
Solution
Use Secure Passwords |
As mentioned in USENIX '18 presentation
To counter these attacks, both entry points must be closed: Only high entropy PSKs should be used, and both PKE and RPKE modes should be deactivated in all IKE devices. It is not sufficient to configure key sep- aration on the sender side. All receivers must also be informed about this key separation – novel solutions are required to achieve this task.
Acknowledgements
Thanks to Martin Grothe, Joerg Schwenk, and Dennis Felsch for reporting this vulnerability.
This document was written by Trent Novelly.
Vendor Information
NETGEAR Not Affected
| CVE-2018-5389 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
F5 Networks Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CERT Addendum
F5 had published a security advisory related to this vulnerability, more information can be found here: https://my.f5.com/manage/s/article/K42378447
3com Inc. (Inactive) Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ACCESS Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Actiontec Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ADTRAN Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
aep NETWORKS (Inactive) Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AirWatch Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Alcatel-Lucent Enterprise Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Amazon Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Android Open Source Project Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Appgate Network Security (Inactive) Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Apple Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Arch Linux Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Arista Networks Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ARRIS Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Aruba Networks Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ASP Linux (Inactive) Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ASUSTeK Computer Inc. Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AT&T Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Avaya Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AVM GmbH Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Belkin Inc. Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BlackBerry Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Blackberry QNX Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BlueCat Networks Inc. Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Broadcom Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Brocade Communication Systems Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cambium Networks Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Check Point Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cisco Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Command Software Systems (Inactive) Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CoreOS Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Debian GNU/Linux Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dell Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dell EMC Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DesktopBSD Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Deutsche Telekom Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Devicescape Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Digi International Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
D-Link Systems Inc. Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
dnsmasq Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DragonFly BSD Project Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
eero Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
EfficientIP Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Espressif Systems Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Extreme Networks Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fedora Project Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Force10 Networks Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FreeS/WAN (Inactive) Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
F-Secure Corporation Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fujitsu Europe Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Geexbox Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Gentoo Linux Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GNU glibc Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Google Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
HardenedBSD Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Hitachi Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Honeywell Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
HP Inc. Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
HTC Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Huawei Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
IBM Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
IBM Corporation (zseries) Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
IBM eServer Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Infoblox Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
InfoExpress Inc. Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Intel Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Internet Systems Consortium Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Internet Systems Consortium - DHCP Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Interniche Technologies inc. (Inactive) Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Intoto (Inactive) Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Joyent Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Juniper Networks Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
KAME Project Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Lancope Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Lantronix Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Lenovo Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Linksys Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
m0n0wall Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Marvell Semiconductor Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
McAfee Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
MediaTek Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Metaswitch Networks Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Microchip Technology Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Micro Focus Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Microsoft Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
MikroTik Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Miredo Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Mitel Networks Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
NEC Corporation Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
NetBSD Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
NETSCOUT Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
netsnmp Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Nokia Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Nominum Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Novell Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OmniTI (Inactive) Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OpenBSD Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OpenBSD IPsec Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OpenConnect Ltd Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OpenDNS Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Openwall GNU/*/Linux Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Oracle Corporation Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Peplink Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
pfSense Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Philips Electronics Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
PowerDNS Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Pulse Secure Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
QLogic Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Quagga Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Qualcomm Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Quantenna Communications Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Red Hat Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Roku Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ruckus Wireless Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Samsung Mobile Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Secure64 Software Corporation Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Sierra Wireless Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Slackware Linux Inc. Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Snort Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Sonos Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Sony Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Sourcefire Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
strongSwan Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
SUSE Linux Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Symantec Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Synology Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
TippingPoint Technologies Inc. Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Toshiba Commerce Solutions Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
TP-LINK Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
TrueOS Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Turbolinux Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ubiquiti Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ubuntu Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Unisys Corporation Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Vantiva Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
VMware Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Watchguard Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Wind River Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Zebra Technologies Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Zyxel Unknown
| CVE-2018-5389 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | 8.8 | AV:N/AC:M/Au:N/C:C/I:C/A:N |
| Temporal | 7.9 | E:POC/RL:U/RC:-- |
| Environmental | 7.9 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND |
Other Information
| CVE IDs: | CVE-2018-5389 |
| API URL: | VINCE JSON | CSAF |
| Date Public: | 2018-08-14 |
| Date First Published: | 2018-08-14 |
| Date Last Updated: | 2024-07-15 14:51 UTC |
| Document Revision: | 18 |