Lucene search

[email protected]CVE-2008-1155

HistoryApr 16, 2008 - 5:05 p.m.

CVE-2008-1155

2008-04-1617:05:00

CWE-200

[email protected]

web.nvd.nist.gov

cisco

nac

appliance

vulnerability

cve-2008-1155

4.1.2

sniffing

error logs

6.8 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.6%

JSON

Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.

CPENameOperatorVersion
cisco:network_admission_controlcisco network admission controleq4.0.2.1
cisco:network_admission_controlcisco network admission controleq3.6.4.1
cisco:network_admission_controlcisco network admission controleq3.6.0.1
cisco:network_admission_controlcisco network admission controleq3.6.2.1
cisco:network_admission_controlcisco network admission controleq4.1
cisco:network_admission_controlcisco network admission controleq4.0.3.2
cisco:network_admission_controlcisco network admission controleq3.6.2.2
cisco:network_admission_controlcisco network admission controleq4.0.3.1
cisco:network_admission_controlcisco network admission controlle4.0.5.1
cisco:network_admission_controlcisco network admission controleq3.6.1.1

CPE	Name	Operator	Version
cisco:network_admission_control	cisco network admission control	eq	4.0.2.1
cisco:network_admission_control	cisco network admission control	eq	3.6.4.1
cisco:network_admission_control	cisco network admission control	eq	3.6.0.1
cisco:network_admission_control	cisco network admission control	eq	3.6.2.1
cisco:network_admission_control	cisco network admission control	eq	4.1
cisco:network_admission_control	cisco network admission control	eq	4.0.3.2
cisco:network_admission_control	cisco network admission control	eq	3.6.2.2
cisco:network_admission_control	cisco network admission control	eq	4.0.3.1
cisco:network_admission_control	cisco network admission control	le	4.0.5.1
cisco:network_admission_control	cisco network admission control	eq	3.6.1.1

Rows per page:

1-10 of 221

References

secunia.com/advisories/29822

www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml

www.securityfocus.com/bid/28807

www.securitytracker.com/id?1019859

www.vupen.com/english/advisories/2008/1248/references

exchange.xforce.ibmcloud.com/vulnerabilities/41849

6.8 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

87.6%

JSON

Related for CVE-2008-1155

prion1 cisco1 nessus1 securityvulns2