CVE-2008-1155

high

Description

Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/41849

http://www.vupen.com/english/advisories/2008/1248/references

http://www.securitytracker.com/id?1019859

http://www.securityfocus.com/bid/28807

http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml

http://secunia.com/advisories/29822

Details

Source: Mitre, NVD

Published: 2008-04-16

Updated: 2017-08-08

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High