Medium severity5.9NVD Advisory· Published Aug 14, 2018· Updated Jun 17, 2026
CVE-2018-0131
CVE-2018-0131
Description
A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session. The vulnerability exists because the affected software responds incorrectly to decryption failures. An attacker could exploit this vulnerability sending crafted ciphertexts to a device configured with IKEv1 that uses RSA-encrypted nonces. A successful exploit could allow the attacker to obtain the encrypted nonces. Cisco Bug IDs: CSCve77140.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/105074nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1041539nvdThird Party AdvisoryVDB Entry
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180813-rsa-noncenvdVendor Advisory
News mentions
0No linked articles in our index yet.