Vulnerability Details CVE-2008-3803
A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 80.4%
CVSS Severity
CVSS v2 Score 5.1
References
- http://secunia.com/advisories/31990
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a014a9.shtml
- http://www.securityfocus.com/bid/31366
- http://www.securitytracker.com/id?1020940
- http://www.vupen.com/english/advisories/2008/2670
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5919
- http://secunia.com/advisories/31990
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a014a9.shtml
- http://www.securityfocus.com/bid/31366
- http://www.securitytracker.com/id?1020940
- http://www.vupen.com/english/advisories/2008/2670
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5919