Synology-SA-18:46 Internet Key Exchange v1
Publish Time: UTC+8
Last Updated: UTC+8
- Severity
- Important
- Status
- Will not fix
Abstract
A vulnerability allows remote attackers to obtain sensitive information via a susceptible version of Synology DiskStation Manager (DSM), Synology Router Manager (SRM), VPN Server or VPN Plus Server.
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| DSM 6.2 | Important | Will not fix |
| DSM 6.1 | Important | Will not fix |
| DSM 5.2 | Important | Will not fix |
| SkyNAS | Important | Will not fix |
| SRM 1.1 | Important | Will not fix |
| VPN Server | Important | Will not fix |
| VPN Plus Server | Important | Will not fix |
Mitigation
If you need immediate assistance, please contact Synology technical support via https://account.synology.com/en-global/support.
Detail
- CVE-2018-5389
- Severity: Important
- CVSS3 Base Score: 7.4
- CVSS3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
- The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode, however, only an online attack against PSK authentication was thought to be feasible. This vulnerability could allow an attacker to recover a weak Pre-Shared Key or enable the impersonation of a victim host or network.
Reference
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2018-08-15 | Initial public release. |
| 2 | 2020-02-21 | Disclosed vulnerability details. |
| 3 | 2020-10-28 | Updated Affected Products for DSM 6.2, DSM 6.1, DSM 5.2, SkyNAS, SRM 1.1, VPN Server and VPN Plus Server which will not be fixed. |