5.1
CVE-2008-3803
- EPSS 2.65%
- Veröffentlicht 26.09.2008 16:21:44
- Zuletzt bearbeitet 16.06.2026 22:56:34
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.65% | 0.836 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.1 | 4.9 | 6.4 |
AV:N/AC:H/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/31990
http://www.vupen.com/english/advisories/2008/2670
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a014a9.shtml
http://www.securityfocus.com/bid/31366
http://www.securitytracker.com/id?1020940
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5919