Back to search
CVE-2008-3803
Published: Sep 26, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
31990
third-party-advisory
x_refsource_SECUNIA
31366
vdb-entry
x_refsource_BID
oval:org.mitre.oval:def:5919
vdb-entry
signature
x_refsource_OVAL
1020940
vdb-entry
x_refsource_SECTRACK
ADV-2008-2670
vdb-entry
x_refsource_VUPEN
20080924 Cisco IOS MPLS VPN May Leak Information
vendor-advisory
x_refsource_CISCO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now