CVE-2008-3815

CWE-287Improper AuthenticationCWE-264CWE-3994 documents4 sources
Severity
4.3MEDIUM
EPSS
0.4%
top 41.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco PIX
Timeline
PublishedOct 23
Latest updateMay 2

Description

Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDcisco/pix5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-9qxp-4454-64h6: Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 72022-05-02
CVEList
CVE-2008-3815: Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 72008-10-23

📋Vendor Advisories

1
Cisco
Multiple Vulnerabilities in Cisco PIX and Cisco ASA2008-10-22
CVE-2008-3815 (MEDIUM CVSS 4.3) | Unspecified vulnerability in Cisco | cvebase.io