CVE Vulnerabilities

CVE-2008-3803

Published: Sep 26, 2008 | Modified: Jun 02, 2022
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

A logic error in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances.

Affected Software

Name Vendor Start Version End Version
Ios Cisco 12.0sz 12.0sz
Ios Cisco 12.0s 12.0s
Ios Cisco 12.0sx 12.0sx

References