PT-2008-2749 · Cisco · Cisco Network Admission Control Appliance+2
Publicado
2008-04-16
·
Atualizado
2017-08-08
·
CVE-2008-1155
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco Network Admission Control (NAC) Appliance versions 3.5.x through 3.6.3, versions 4.0.x through 4.0.5, and versions 4.1.x through 4.1.1
Description
The issue allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.
Recommendations
For versions 3.5.x, update to version 3.6.4.4 or later.
For versions 3.6.x before 3.6.4.4, update to version 3.6.4.4 or later.
For versions 4.0.x before 4.0.6, update to version 4.0.6 or later.
For versions 4.1.x before 4.1.2, update to version 4.1.2 or later.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Network Admission Control Appliance
Clean Access Manager
Clean Access Server