Vulnerability Description
Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Network Admission Control | <= 3.6.4.3 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/29822Vendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.sPatchVendor Advisory
- http://www.securityfocus.com/bid/28807
- http://www.securitytracker.com/id?1019859
- http://www.vupen.com/english/advisories/2008/1248/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41849
- http://secunia.com/advisories/29822Vendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.sPatchVendor Advisory
- http://www.securityfocus.com/bid/28807
- http://www.securitytracker.com/id?1019859
- http://www.vupen.com/english/advisories/2008/1248/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41849
FAQ
What is CVE-2008-1155?
CVE-2008-1155 is a vulnerability with a CVSS score of 10.0 (HIGH). Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server ...
How severe is CVE-2008-1155?
CVE-2008-1155 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1155?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Network Admission Control.