CVE-2008-1155

Published Apr 16, 2008

Last updated 7 years ago

Overview

Description: Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.
Source: ykramarz@cisco.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-200

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7BFAE963-6E84-4712-A628-6240D97C200A",
            "versionEndIncluding": "3.6.4.3"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "432F7177-A43A-463A-B663-9181B0506545",
            "versionEndIncluding": "4.0.5.1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9174F08C-55B7-4985-9964-732088051BA5",
            "versionEndIncluding": "4.1.1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0051F9BB-0315-4541-95A5-CAAC6A3FC9A9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:3.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57F000C2-5343-41CE-81EF-D26D7E884798"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1849F3F6-834E-4C3A-B1B2-4B0C360FE03C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1898068E-41B8-4C25-B240-2779206FB0A0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED68FC7E-A6A6-49AB-AEDB-CE70C1139BC8"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAE93C0F-D240-47D7-B638-6E7AB65C8ABC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "300CE692-9161-4866-96CD-C865000FA481"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BE6DF16-6846-4246-AF33-58FD02038D93"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DA5D3A7-6B5B-4699-8FBE-6DC36F8C350F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD36F046-CCBF-467D-9522-81307A47D7F2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC29AD92-F6B6-4CF3-9471-EAE70284C9B3"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22FD214D-4176-4388-A837-21DAFE62D502"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBAD29D5-0C9F-44DC-9574-793DE4C90316"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A77575E-9676-48DA-A28D-85D3D8C1EAD1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86E65BA0-55E6-4D6E-BAED-26769B1671D5"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42A5102C-86F2-4194-BAEA-7EAD5CAC5ABD"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F31B7941-03B8-430E-AA23-B105138FC5F7"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E76E6DCE-93DE-4522-BD35-82440B4EE635"
          },
          {
            "criteria": "cpe:2.3:a:cisco:network_admission_control:4.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83407842-77E2-417D-9355-6CFDADB62EEF"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References