Vulnerability Details CVE-2008-1155
Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.024
EPSS Ranking 84.3%
CVSS Severity
CVSS v2 Score 10.0
References
- http://secunia.com/advisories/29822
- http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml
- http://www.securityfocus.com/bid/28807
- http://www.securitytracker.com/id?1019859
- http://www.vupen.com/english/advisories/2008/1248/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41849
- http://secunia.com/advisories/29822
- http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml
- http://www.securityfocus.com/bid/28807
- http://www.securitytracker.com/id?1019859
- http://www.vupen.com/english/advisories/2008/1248/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41849
Products affected by CVE-2008-1155
-
cpe:2.3:a:cisco:network_admission_control:*
-
cpe:2.3:a:cisco:network_admission_control:3.5
-
cpe:2.3:a:cisco:network_admission_control:3.6
-
cpe:2.3:a:cisco:network_admission_control:3.6.0
-
cpe:2.3:a:cisco:network_admission_control:3.6.0.1
-
cpe:2.3:a:cisco:network_admission_control:3.6.1.1
-
cpe:2.3:a:cisco:network_admission_control:3.6.2.1
-
cpe:2.3:a:cisco:network_admission_control:3.6.2.2
-
cpe:2.3:a:cisco:network_admission_control:3.6.4.1
-
cpe:2.3:a:cisco:network_admission_control:3.6.4.2
-
cpe:2.3:a:cisco:network_admission_control:4.0
-
cpe:2.3:a:cisco:network_admission_control:4.0.0.1
-
cpe:2.3:a:cisco:network_admission_control:4.0.2.1
-
cpe:2.3:a:cisco:network_admission_control:4.0.2.2
-
cpe:2.3:a:cisco:network_admission_control:4.0.3.1
-
cpe:2.3:a:cisco:network_admission_control:4.0.3.2
-
cpe:2.3:a:cisco:network_admission_control:4.0.3.3
-
cpe:2.3:a:cisco:network_admission_control:4.0.5.0
-
cpe:2.3:a:cisco:network_admission_control:4.1
-
cpe:2.3:a:cisco:network_admission_control:4.1.0