CyberSec.Space Logo
Back to CVE Browser

CVE-2008-1155

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1180%
EPSS Percentile33.32th
PublishedApr 16, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.

Affected Platforms (CPE)

πŸ“¦
Cisco

Network Admission Control

<= 3.6.4.3
πŸ“¦
Cisco

Network Admission Control

<= 4.0.5.1
πŸ“¦
Cisco

Network Admission Control

<= 4.1.1
πŸ“¦
Cisco

Network Admission Control

= 3.5
πŸ“¦
Cisco

Network Admission Control

= 3.6
πŸ“¦
Cisco

Network Admission Control

= 3.6.0
πŸ“¦
Cisco

Network Admission Control

= 3.6.0.1
πŸ“¦
Cisco

Network Admission Control

= 3.6.1.1
πŸ“¦
Cisco

Network Admission Control

= 3.6.2.1
πŸ“¦
Cisco

Network Admission Control

= 3.6.2.2
πŸ“¦
Cisco

Network Admission Control

= 3.6.4.1
πŸ“¦
Cisco

Network Admission Control

= 3.6.4.2
πŸ“¦
Cisco

Network Admission Control

= 4.0
πŸ“¦
Cisco

Network Admission Control

= 4.0.0.1
πŸ“¦
Cisco

Network Admission Control

= 4.0.2.1
πŸ“¦
Cisco

Network Admission Control

= 4.0.2.2
πŸ“¦
Cisco

Network Admission Control

= 4.0.3.1
πŸ“¦
Cisco

Network Admission Control

= 4.0.3.2
πŸ“¦
Cisco

Network Admission Control

= 4.0.3.3
πŸ“¦
Cisco

Network Admission Control

= 4.0.5.0
πŸ“¦
Cisco

Network Admission Control

= 4.1
πŸ“¦
Cisco

Network Admission Control

= 4.1.0

References & Advisories

πŸ”— http://secunia.com/advisories/29822
πŸ”— http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml
πŸ”— http://www.securityfocus.com/bid/28807
πŸ”— http://www.securitytracker.com/id?1019859
πŸ”— http://www.vupen.com/english/advisories/2008/1248/references
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/41849
πŸ”— http://secunia.com/advisories/29822
πŸ”— http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml

Related Vulnerabilities

CVE-2011-33057.8

Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remote attackers to read arbitrary...

CVE-2013-11777.5

SQL injection vulnerability in Cisco Network Admission Control (NAC) Manager before 4.8.3.1 and 4.9.x before 4.9.2 allows remote a...

CVE-2009-06307.1

The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transp...

CVE-2013-11245.8

The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (...