CVE-2008-3820

Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/33633	Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6192a.shtml	Patch Vendor Advisory
http://www.securityfocus.com/bid/33381
http://www.securitytracker.com/id?1021619
http://www.vupen.com/english/advisories/2009/0214
https://exchange.xforce.ibmcloud.com/vulnerabilities/48134

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:security_manager::::::::
	cpe:2.3:a:cisco:security_manager:3.1:::::::*
	cpe:2.3:a:cisco:security_manager:3.1.1:::::::*
	cpe:2.3:a:cisco:security_manager:3.1.1:sp3::::::
	cpe:2.3:a:cisco:security_manager:3.2:::::::*
	cpe:2.3:a:cisco:security_manager:3.2:sp2::::::
	cpe:2.3:a:cisco:security_manager:3.2.1:::::::*
	cpe:2.3:a:cisco:security_manager:3.2.1:sp1::::::

History

No history.

Information

Published : 2009-01-22 18:30

Updated : 2024-02-04 17:33

NVD link : CVE-2008-3820

Mitre link : CVE-2008-3820

CVE.ORG link : CVE-2008-3820

JSON object : View

Products Affected

cisco

security_manager

CWE

NVD-CWE-Other

{"id": "CVE-2008-3820", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2009-01-22T18:30:03.780", "references": [{"url": "http://secunia.com/advisories/33633", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6192a.shtml", "tags": ["Patch", "Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/33381", "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id?1021619", "source": "ykramarz@cisco.com"}, {"url": "http://www.vupen.com/english/advisories/2009/0214", "source": "ykramarz@cisco.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48134", "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain \"root access\" to IEV via unspecified use of TCP sessions to these ports."}, {"lang": "es", "value": "Cisco Security Manager v3.1 y v3.2 antes de v3.2.2, cuando se usa Cisco IPS Event Viewer (IEV), expone los puertos TCP utilizados por el demonio de MySQL y el servidor IEV, lo que permite a atacantes remotos obtener \"acceso de root\" a IEV, mediante el uso de sesiones TCP sin especificar a estos puertos."}], "lastModified": "2017-08-08T01:32:11.483", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:security_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7AC03BFB-10FA-4276-930F-DB450E89DCD8"}, {"criteria": "cpe:2.3:a:cisco:security_manager:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "921F93B3-84A8-471B-9A3A-780C76BA3685"}, {"criteria": "cpe:2.3:a:cisco:security_manager:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADDFAFD3-DEC0-4C6E-BE75-921286A3B2FF"}, {"criteria": "cpe:2.3:a:cisco:security_manager:3.1.1:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2F46134-691C-4B96-87EE-6977E49905CD"}, {"criteria": "cpe:2.3:a:cisco:security_manager:3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4686AD6B-CAB3-4CE5-9B13-D30613C614CB"}, {"criteria": "cpe:2.3:a:cisco:security_manager:3.2:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "684784EB-A61E-4FBE-AC5F-AE7E69BD60A5"}, {"criteria": "cpe:2.3:a:cisco:security_manager:3.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7061A26C-4BC0-4466-99FE-60620BA45629"}, {"criteria": "cpe:2.3:a:cisco:security_manager:3.2.1:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3EAAD49-6786-4E0A-B9E1-C3D0BD061132"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}