CVE-2008-3815

Cisco ASA/PX <7.0.8.3-8.1.1.13 - Auth Bypass

Title source: llm

Description

Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.

References (8)

[Vendor Advisory] http://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/46024

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/31864

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5983

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1021089

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1021090

[Third Party Advisory] http://secunia.com/advisories/32360

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/2899

Scores

EPSS 0.0037

EPSS Percentile 58.6%

Classification

CWE

CWE-287

Status draft

Affected Products (6)

cisco/asa_5500

cisco/pix

cisco/pix

cisco/pix

cisco/pix

cisco/pix

Timeline

Published Oct 23, 2008

Tracked Since Feb 18, 2026