Vulnerability CVE-2008-1155
Published: 2008-04-16   Modified: 2012-02-12

Description:
Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Cisco -> Network admission control 

 References:
http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml
http://www.securityfocus.com/bid/28807
http://www.securitytracker.com/id?1019859
http://www.vupen.com/english/advisories/2008/1248/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41849
Copyright 2024, cxsecurity.com

 

Back to Top