Lucene search
Redhat.comRH:CVE-2018-5389HistoryJan 25, 2020 - 10:02 p.m.
CVE-2018-5389
2020-01-2522:02:57
redhat.com
access.redhat.com
7
0.003 Low
EPSS
Percentile
70.2%
It was found that IKEv1 (and potentially IKEv2) authentication when using a pre-shared key (PSK) is vulnerable to offline dictionary attacks in Main Mode as well as in Aggressive Mode. A man-in-the-middle attacker who intercepted the handshake of two peers authenticating with a PSK, could apply a brute-force attack to recover the shared secret.
Related
cert
cert
IKEv1 Main Mode vulnerable to brute force attacks
2018-08-14 00:00:00
cve
cve
CVE-2018-5389
2018-09-06 21:29:00
f5
f5
K42378447 : IPsec IKEv1 vulnerability CVE-2018-5389
2018-10-22 00:00:00
ubuntucve
ubuntucve
CVE-2018-5389
2018-09-06 00:00:00
cvelist
cvelist
CVE-2018-5389 CVE-2018-5389
2018-09-06 21:00:00
debiancve
debiancve
CVE-2018-5389
2018-09-06 21:29:00
prion
prion
Authentication flaw
2018-09-06 21:29:00
nessus
nessus
RHEL 7 : openswan (Unpatched Vulnerability)
2024-06-03 00:00:00
F5 Networks BIG-IP : IPsec IKEv1 vulnerability (K42378447)
2023-11-02 00:00:00
RHEL 8 : openswan (Unpatched Vulnerability)
2024-06-03 00:00:00
nvd
nvd
CVE-2018-5389
2018-09-06 21:29:00
fortinet
fortinet
Bleichenbacher and Dictionary Attacks on IPsec IKE
2018-08-27 00:00:00