Cisco IOS and Cisco IOS XE devices contain an issue that could allow an authenticated, remote attacker to access sensitive information on a targeted device.
The issue is due to an implementation flaw in the affected software. The affected software implements an algorithm to hash user-provided plaintext passwords. This algorithm is called Type 4, and a password hashed using this algorithm is referred to as a Type 4 password. The algorithm design called for using Password-Based Key Derivation Function version 2 (PBKDF2), as described in RFC 2898 section 5.1, with the following input values:
- Hash algorithm = SHA-256
- Password = the user-provided plaintext password
- Salt = 80 bits (generated by calling a cryptographically secure random number generator)
- Iteration count = 1,000 (one thousand)
Due to an implementation issue, the Type 4 password algorithm does not use PBKDF2 and does not use a salt, but instead performs a single iteration of SHA-256 over the user-provided plaintext password. This approach causes a Type 4 password to be less resilient to brute-force attacks.
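As an added illustration (not code from the advisory or from Cisco), the following Python contrasts the Type 4 design described above with what actually shipped: PBKDF2-HMAC-SHA256 over a fresh 80-bit random salt for 1,000 iterations, versus a single unsalted SHA-256 over the password. The RFC 2898 section 5.1 derivation is written out by hand and checked against the standard library; the encoding Cisco uses to store the resulting digest in the configuration is not covered and is not assumed here.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

ITERATIONS = 1000   # iteration count the Type 4 design called for
SALT_BYTES = 10     # 80-bit salt the Type 4 design called for


def pbkdf2_hmac_sha256_block1(password: bytes, salt: bytes, iterations: int) -> bytes:
    """PBKDF2 from RFC 2898 section 5.1 with HMAC-SHA256 as the PRF.

    With dkLen == hLen == 32 only the first block T_1 is needed:
    U_1 = PRF(P, S || INT(1)), U_i = PRF(P, U_{i-1}), T_1 = U_1 xor ... xor U_c.
    """
    u = hmac.new(password, salt + (1).to_bytes(4, "big"), hashlib.sha256).digest()
    t = bytearray(u)
    for _ in range(iterations - 1):
        u = hmac.new(password, u, hashlib.sha256).digest()
        t = bytearray(a ^ b for a, b in zip(t, u))
    return bytes(t)


def type4_as_designed(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """The intended scheme: random 80-bit salt, 1,000 PBKDF2 iterations."""
    salt = secrets.token_bytes(SALT_BYTES) if salt is None else salt
    return salt, pbkdf2_hmac_sha256_block1(password.encode(), salt, ITERATIONS)


def type4_as_implemented(password: str) -> bytes:
    """The shipped scheme: one SHA-256 over the password, no salt, no iteration."""
    return hashlib.sha256(password.encode()).digest()


def verify_designed(password: str, salt: bytes, stored: bytes) -> bool:
    """Constant-time check of a candidate password against a designed-scheme digest."""
    return hmac.compare_digest(type4_as_designed(password, salt)[1], stored)


def verify_implemented(password: str, stored: bytes) -> bool:
    """Constant-time check against a shipped-scheme digest (one hash per guess)."""
    return hmac.compare_digest(type4_as_implemented(password), stored)


def manual_matches_stdlib(password: str, salt: bytes) -> bool:
    """Self-check: the hand-written PBKDF2 agrees with hashlib.pbkdf2_hmac."""
    ours = pbkdf2_hmac_sha256_block1(password.encode(), salt, ITERATIONS)
    ref = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(ours, ref)
```

Because the shipped scheme has no salt, two accounts with the same password produce identical digests, while the designed scheme yields a different digest for every enrolment.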
These issues do not apply to devices running a Cisco IOS or Cisco IOS XE release without support for Type 4 passwords.
An authenticated, remote attacker could exploit the issue by logging in to an affected device and performing a brute-force attack. A successful attack could allow the attacker to access sensitive information on a targeted device.
Functional code that exploits the issue is publicly available.
Cisco has confirmed the issue in security response cisco-sr-20130318-type4; however, software updates are not available.