Lucene search
CiscoCVE-2008-1155HistoryApr 16, 2008 - 5:05 p.m.
CVE-2008-1155
2008-04-1617:05:00
CWE-200
cisco
web.nvd.nist.gov
30
cisco
nac
appliance
vulnerability
cve-2008-1155
4.1.2
sniffing
error logs
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
Low
EPSS
0.019
Percentile
88.8%
Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.
Affected configurations
Node
cisconetwork_admission_controlRange≤3.6.4.3
ORcisconetwork_admission_controlRange≤4.0.5.1
ORcisconetwork_admission_controlRange≤4.1.1
ORcisconetwork_admission_controlMatch3.5
ORcisconetwork_admission_controlMatch3.6
ORcisconetwork_admission_controlMatch3.6.0
ORcisconetwork_admission_controlMatch3.6.0.1
ORcisconetwork_admission_controlMatch3.6.1.1
ORcisconetwork_admission_controlMatch3.6.2.1
ORcisconetwork_admission_controlMatch3.6.2.2
ORcisconetwork_admission_controlMatch3.6.4.1
ORcisconetwork_admission_controlMatch3.6.4.2
ORcisconetwork_admission_controlMatch4.0
ORcisconetwork_admission_controlMatch4.0.0.1
ORcisconetwork_admission_controlMatch4.0.2.1
ORcisconetwork_admission_controlMatch4.0.2.2
ORcisconetwork_admission_controlMatch4.0.3.1
ORcisconetwork_admission_controlMatch4.0.3.2
ORcisconetwork_admission_controlMatch4.0.3.3
ORcisconetwork_admission_controlMatch4.0.5.0
ORcisconetwork_admission_controlMatch4.1
ORcisconetwork_admission_controlMatch4.1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | network_admission_control | * | cpe:2.3:a:cisco:network_admission_control:*:*:*:*:*:*:*:* |
| cisco | network_admission_control | 3.5 | cpe:2.3:a:cisco:network_admission_control:3.5:*:*:*:*:*:*:* |
| cisco | network_admission_control | 3.6 | cpe:2.3:a:cisco:network_admission_control:3.6:*:*:*:*:*:*:* |
| cisco | network_admission_control | 3.6.0 | cpe:2.3:a:cisco:network_admission_control:3.6.0:*:*:*:*:*:*:* |
| cisco | network_admission_control | 3.6.0.1 | cpe:2.3:a:cisco:network_admission_control:3.6.0.1:*:*:*:*:*:*:* |
| cisco | network_admission_control | 3.6.1.1 | cpe:2.3:a:cisco:network_admission_control:3.6.1.1:*:*:*:*:*:*:* |
| cisco | network_admission_control | 3.6.2.1 | cpe:2.3:a:cisco:network_admission_control:3.6.2.1:*:*:*:*:*:*:* |
| cisco | network_admission_control | 3.6.2.2 | cpe:2.3:a:cisco:network_admission_control:3.6.2.2:*:*:*:*:*:*:* |
| cisco | network_admission_control | 3.6.4.1 | cpe:2.3:a:cisco:network_admission_control:3.6.4.1:*:*:*:*:*:*:* |
| cisco | network_admission_control | 3.6.4.2 | cpe:2.3:a:cisco:network_admission_control:3.6.4.2:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-1155
2008-04-16 17:00:00
cisco
cisco
Cisco Network Admission Control Shared Secret Vulnerability
2008-04-16 16:00:00
prion
prion
Code injection
2008-04-16 17:05:00
nvd
nvd
CVE-2008-1155
2008-04-16 17:05:00
nessus
nessus
securityvulns
securityvulns
Cisco Network Admission Control weak encryption
2008-04-17 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
Low
EPSS
0.019
Percentile
88.8%
Related for CVE-2008-1155