CVE Vulnerabilities

CVE-2008-3803

Published: Sep 26, 2008 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

A logic error in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances.

Affected Software

Name Vendor Start Version End Version
Ios Cisco 12.0s (including) 12.0s (including)
Ios Cisco 12.0sx (including) 12.0sx (including)
Ios Cisco 12.0sz (including) 12.0sz (including)

References