CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-1155

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1180%
EPSS Percentile33.32th
Published2008年4月16日
Last Modified2026年4月23日

Vulnerability Description

Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.

Affected Platforms (CPE)

📦
Cisco

Network Admission Control

<= 3.6.4.3
📦
Cisco

Network Admission Control

<= 4.0.5.1
📦
Cisco

Network Admission Control

<= 4.1.1
📦
Cisco

Network Admission Control

= 3.5
📦
Cisco

Network Admission Control

= 3.6
📦
Cisco

Network Admission Control

= 3.6.0
📦
Cisco

Network Admission Control

= 3.6.0.1
📦
Cisco

Network Admission Control

= 3.6.1.1
📦
Cisco

Network Admission Control

= 3.6.2.1
📦
Cisco

Network Admission Control

= 3.6.2.2
📦
Cisco

Network Admission Control

= 3.6.4.1
📦
Cisco

Network Admission Control

= 3.6.4.2
📦
Cisco

Network Admission Control

= 4.0
📦
Cisco

Network Admission Control

= 4.0.0.1
📦
Cisco

Network Admission Control

= 4.0.2.1
📦
Cisco

Network Admission Control

= 4.0.2.2
📦
Cisco

Network Admission Control

= 4.0.3.1
📦
Cisco

Network Admission Control

= 4.0.3.2
📦
Cisco

Network Admission Control

= 4.0.3.3
📦
Cisco

Network Admission Control

= 4.0.5.0
📦
Cisco

Network Admission Control

= 4.1
📦
Cisco

Network Admission Control

= 4.1.0

References & Advisories

🔗 http://secunia.com/advisories/29822
🔗 http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml
🔗 http://www.securityfocus.com/bid/28807
🔗 http://www.securitytracker.com/id?1019859
🔗 http://www.vupen.com/english/advisories/2008/1248/references
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/41849
🔗 http://secunia.com/advisories/29822
🔗 http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml

相关漏洞威胁

CVE-2011-33057.8

Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remote attackers to read arbitrary...

CVE-2013-11777.5

SQL injection vulnerability in Cisco Network Admission Control (NAC) Manager before 4.8.3.1 and 4.9.x before 4.9.2 allows remote a...

CVE-2009-06307.1

The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transp...

CVE-2013-11245.8

The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (...