Cisco IOS IKEv2 Anti-Replay Protection Bypass Vulnerability
Release date:
Updated on:
Affected Systems:
Cisco IOS
Description:
--------------------------------------------------------------------------------
Bugtraq id: 63426
CVE (CAN) ID: CVE-2013-5548
Cisco IOS is the internetwork operating system that runs on most Cisco routers and network switches.
A vulnerability in the Cisco IOS implementation of the Internet Key Exchange Version 2 (IKEv2) protocol could allow a remote attacker to bypass IPsec anti-replay protection. The vulnerability exists only when Phase 2 IPsec Security Associations (SAs) use the AES-GCM or AES-GMAC algorithms. It is caused by the IKEv2 code failing to enable anti-replay protection on the Phase 2 IPsec SA. An attacker could exploit it by replaying previously captured packets through the IPsec tunnel, which the affected peer would accept instead of discarding.
<* Source: Cisco
Link: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5548
*>
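The protection this bug leaves switched off is the ESP anti-replay sliding window of RFC 4303 (Appendix A): the receiver tracks the highest sequence number seen plus a bitmap of recently received ones and drops anything already marked or older than the window. ESP's integrity check value covers the sequence number, so an attacker cannot alter it, but an exact copy of a captured packet verifies correctly; only the window rejects it. The Python below is an added example written for this page (it is not Cisco code and does not reproduce the IOS implementation): it implements that window and runs a constructed trace of sequence numbers through it once with the check enabled and once with it disabled, as on an affected SA. The window size (64) and the trace are assumptions.

```python
"""ESP anti-replay sliding window (RFC 4303 Appendix A) with an on/off switch,
used to contrast a correctly configured IPsec SA with one whose anti-replay
protection was never enabled (the condition described by CVE-2013-5548)."""


class AntiReplayWindow:
    """Receiver-side replay check over 32-bit ESP sequence numbers."""

    def __init__(self, size: int = 64, enabled: bool = True) -> None:
        self.size = size          # window width in packets (assumed: 64)
        self.enabled = enabled    # False models the vulnerable SA
        self.top = 0              # highest sequence number accepted so far
        self.bitmap = 0           # bit i set  <=>  sequence (top - i) already seen

    def check_and_update(self, seq: int) -> bool:
        """Return True if the packet is accepted, False if it is a replay or too old."""
        if not self.enabled:
            return True           # vulnerable SA: every packet is accepted
        if seq == 0:
            return False          # RFC 4303: the first packet on an SA carries seq 1
        if seq > self.top:
            # New high-water mark: slide the window forward and mark this packet.
            shift = seq - self.top
            if shift < self.size:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            else:
                self.bitmap = 1   # jumped past the whole window; nothing older remains
            self.top = seq
            return True
        diff = self.top - seq
        if diff >= self.size:
            return False          # left of the window: too old, drop
        if (self.bitmap >> diff) & 1:
            return False          # already received: replay, drop
        self.bitmap |= 1 << diff  # late but genuine: accept and remember it
        return True


def run_trace(trace, enabled: bool):
    """Feed a list of sequence numbers to a fresh window; return per-packet verdicts."""
    window = AntiReplayWindow(enabled=enabled)
    return [window.check_and_update(seq) for seq in trace]


# Constructed trace (not a real capture): in-order packets, one reordered packet (4),
# two replays (3 and 100), a jump past the window, a packet that is too old (2),
# one at the far edge of the window (37) and one just outside it (36).
SAMPLE_TRACE = [1, 2, 3, 5, 4, 3, 100, 100, 2, 37, 36]


def replays_accepted(trace, enabled: bool) -> int:
    """Count packets a peer accepts although a correct window would drop them."""
    correct = run_trace(trace, enabled=True)
    actual = run_trace(trace, enabled=enabled)
    return sum(1 for c, a in zip(correct, actual) if a and not c)


if __name__ == "__main__":
    for enabled in (True, False):
        verdicts = run_trace(SAMPLE_TRACE, enabled)
        print(f"anti-replay enabled={enabled}: "
              + ", ".join(f"{s}:{'ok' if v else 'DROP'}" for s, v in zip(SAMPLE_TRACE, verdicts)))
    print("replays accepted on vulnerable SA:", replays_accepted(SAMPLE_TRACE, enabled=False))
```

With the window enabled, the duplicate 3 and the duplicate 100 are rejected along with the two packets that fall behind the window; with it disabled, all eleven packets are accepted. On a device, the state of this check for an established SA is visible in the `replay detection support` line of `show crypto ipsec sa` output; for the AES-GCM and AES-GMAC transforms named above, the fix is the Cisco software update referenced in the advisory, not a configuration change.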
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Cisco
-----
Cisco has released a security notice (CVE-2013-5548) and fixed software for this issue:
CVE-2013-5548: Internet Key Exchange Version 2 Anti-replay Protection Disabled Vulnerability
Link: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5548