Search...

CVE-2018-14008

2019-08-15T17:15:00

ID CVE-2018-14008
Type cve
Reporter cve@mitre.org
Modified 2019-08-28T16:14:00

Description

Arista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled.

JSON Vulners Source

Initial Source

{"id": "CVE-2018-14008", "bulletinFamily": "NVD", "title": "CVE-2018-14008", "description": "Arista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled.", "published": "2019-08-15T17:15:00", "modified": "2019-08-28T16:14:00", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14008", "reporter": "cve@mitre.org", "references": ["https://www.arista.com/en/support/advisories-notices", "https://www.arista.com/en/support/advisories-notices/security-advisories/6072-security-advisory-38"], "cvelist": ["CVE-2018-14008"], "type": "cve", "lastseen": "2020-12-09T20:25:35", "edition": 6, "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["ARISTA_EOS_SA0038.NASL"]}], "modified": "2020-12-09T20:25:35", "rev": 2}, "score": {"value": 3.7, "vector": "NONE", "modified": "2020-12-09T20:25:35", "rev": 2}, "vulnersScore": 3.7}, "cpe": ["cpe:/o:arista:eos:4.21.0f"], "affectedSoftware": [{"cpeName": "arista:eos", "name": "arista eos", "operator": "le", "version": "4.21.0f"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6}, "cpe23": ["cpe:2.3:o:arista:eos:4.21.0f:*:*:*:*:*:*:*"], "cwe": ["CWE-287"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:arista:eos:4.21.0f:*:*:*:*:*:*:*", "versionEndIncluding": "4.21.0f", "vulnerable": true}], "operator": "OR"}]}}

{"nessus": [{"lastseen": "2020-09-14T13:16:24", "description": "The version of Arista Networks EOS running on the remote device is affected by a denial of service (DoS) vulnerability\nin the 802.1x authentication feature, and by extension MACSec, when dynamic keys are used. An adjacent, unauthenticated\nattacker can exploit this, by sending a crafted packet from the data port, in order to crash the Dot1x agent and cause a\nDoS condition.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 2, "cvss3": {"score": 6.5, "vector": "AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-02-25T00:00:00", "title": "Arista Networks EOS 802.1x authentication DoS (SA0038)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-14008"], "modified": "2020-02-25T00:00:00", "cpe": ["cpe:/o:arista:eos"], "id": "ARISTA_EOS_SA0038.NASL", "href": "https://www.tenable.com/plugins/nessus/133959", "sourceData": "#TRUSTED 74beaec446cbd00929bf82185cf8551e5d188761b4532c44c08089b9bc9e959f97be9fb0e95be4da74961478cfd66c017220bf1e3a5dc08ed02a8101fc858b618b3ec4e85eb5679b75b2235ddd2c119aa2c4ca79004b916175ed45f4f2d12716d4e895a2a0b70ba55415ab1eef548306260070dc50c80d71cb2a501c79a7cbccff268e4b41e317fbb2969125b6acf12b91a785c676f671f9bb15e231a1d40d6248c725042af08031dd3949d91ac0e338a645c7d3546f934fb6db7ddebbffd8d93f0dba15bce46e4053413e928dfdc019ab91837f55348b7c6e05a5efd01d94235fbd875d8e6f4405d002bd972882e557ead0efc6e533f92f7f35a881eb23105bd34227273542ca1c4ca03439d3af26275b40f7ee45fa58214bb973694e9af57e58d337b5d6b87e8a5e8dd06046dea2edfe95cee0cce7b57a650b3e45858bba601c6541d26bf29c850580f671eff29ea247670dac49ec4cbedc83b217482c34aa9451846b50845ac5b5f66e274f636a2f4bb84daf6d0278ed3003ef68b8799de9a3ce1bcdf7894d3ec8b931f4f43c7a7c2f327d8fab002af5b1ffb08157bc95f322b245dcdc6a6265d743e05b5b9e4ed0f295a5f7d3b1bdd7a574fc0050b13ac97afaa2365273637f1face43a11566a5f9c4e06e8bc0a968407d6037c8cdb163d972762068bd56b8315823240e8bca257ec28fa549920f1d9b7c8233dbe89262d\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133959);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/27\");\n\n script_cve_id(\"CVE-2018-14008\");\n\n script_name(english:\"Arista Networks EOS 802.1x authentication DoS (SA0038)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Arista Networks EOS running on the remote device is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Arista Networks EOS running on the remote device is affected by a denial of service (DoS) vulnerability\nin the 802.1x authentication feature, and by extension MACSec, when dynamic keys are used. An adjacent, unauthenticated\nattacker can exploit this, by sending a crafted packet from the data port, in order to crash the Dot1x agent and cause a\nDoS condition.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.arista.com/en/support/advisories-notices/security-advisories/6072-security-advisory-38\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2d7ba876\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Arista Networks EOS version 4.21.2.3F / 4.21.1F / 4.20.9M / 4.19.10M / 4.18.10M or later. Alternatively,\napply the patch referenced in the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14008\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:arista:eos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"arista_eos_detect.nbin\");\n script_require_keys(\"Host/Arista-EOS/Version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude('arista_eos_func.inc');\ninclude('audit.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nversion = get_kb_item_or_exit('Host/Arista-EOS/Version');\n\nif (version =~ '4.20.8M($|[^0-9a-zA-Z])' ||\n version =~ '4.20.7M($|[^0-9a-zA-Z])' ||\n version =~ '4.20.4.1F($|[^0-9a-zA-Z])' ||\n version =~ '4.19.9M($|[^0-9a-zA-Z])' ||\n version =~ '4.18.8M($|[^0-9a-zA-Z])')\n{\n ext='SecurityAdvisory0038Hotfix.rpm 1.0.0/eng';\n sha='3f764e58f7b090f5ad70d51e080298f753907578f2a41f998a2dab18304fffc6d329a600dc8b32e3dee1ebf2ad202116f663c6909c2c690581ca393746b4247e';\n if(eos_extension_installed(ext:ext, sha:sha))\n exit(0, 'The Arista device is not vulnerable, as a relevant hotfix has been installed.');\n}\n\nvmatrix = make_array();\nvmatrix['F'] = make_list(\n '4.21.0',\n '4.20.6',\n '4.20.5.2',\n '4.20.5.1',\n '4.20.5',\n '4.20.4.1',\n '4.20.4',\n '4.20.3',\n '4.20.2.1',\n '4.20.2',\n '4.20.1',\n '4.20.0',\n '4.19.3',\n '4.19.2.3',\n '4.19.2.2',\n '4.19.2.1',\n '4.19.2',\n '4.19.1',\n '4.19.0',\n '4.18.4.2',\n '4.18.4.1',\n '4.18.4',\n '4.18.3.1',\n '4.18.3',\n '4.18.2.1',\n '4.18.2',\n '4.18.1.1',\n '4.18.1',\n '4.18.0',\n '4.17.3',\n '4.17.2.1',\n '4.17.2',\n '4.17.1.4',\n '4.17.1.1',\n '4.17.1',\n '4.17.0'\n);\n\nvmatrix['M'] = make_list(\n '4.17.4',\n '4.17.5',\n '4.17.5.1',\n '4.17.6',\n '4.17.7',\n '4.17.8',\n '4.17.9',\n '4.18.5',\n '4.18.6',\n '4.18.7',\n '4.18.8',\n '4.19.4',\n '4.19.4.1',\n '4.19.5',\n '4.19.6',\n '4.19.6.1',\n '4.19.6.2',\n '4.19.6.3',\n '4.19.7',\n '4.19.8',\n '4.19.9',\n '4.20.7',\n '4.20.8',\n '4.16.14',\n '4.16.13',\n '4.16.12',\n '4.16.11',\n '4.16.10',\n '4.16.9',\n '4.16.8',\n '4.16.7',\n '4.16.6'\n);\n\nvmatrix['all'] = make_list('0.0<=4.14.99');\n\nvmatrix['fix'] = 'Apply the vendor supplied patch or upgrade to 4.21.2.3F / 4.21.1F / 4.20.9M / 4.19.10M / 4.18.10M or later or later';\n\nif (eos_is_affected(vmatrix:vmatrix, version:version))\n security_report_v4(severity:SECURITY_NOTE, port:0, extra:eos_report_get());\nelse\n audit(AUDIT_INST_VER_NOT_VULN, 'Arista Networks EOS', version);\n", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}]}