6.8

CVE-2008-3820

EPSS 0.97%
Veröffentlicht 22.01.2009 18:30:03
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Security Manager

Cisco ≫ Security Manager Version3.1

Cisco ≫ Security Manager Version3.1.1

Cisco ≫ Security Manager Version3.1.1 Updatesp3

Cisco ≫ Security Manager Version3.2

Cisco ≫ Security Manager Version3.2 Updatesp2

Cisco ≫ Security Manager Version3.2.1

Cisco ≫ Security Manager Version3.2.1 Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.97%	0.746

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/33633

Vendor Advisory

http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6192a.shtml

Patch

Vendor Advisory

http://www.securityfocus.com/bid/33381

http://www.securitytracker.com/id?1021619

http://www.vupen.com/english/advisories/2009/0214

https://exchange.xforce.ibmcloud.com/vulnerabilities/48134

https://nvd.nist.gov/vuln/detail/CVE-2008-3820

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-3820

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-3820

EUVD