CVE-2008-3815

critical

Description

Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5983

https://exchange.xforce.ibmcloud.com/vulnerabilities/46024

http://www.vupen.com/english/advisories/2008/2899

http://www.securitytracker.com/id?1021090

http://www.securitytracker.com/id?1021089

http://www.securityfocus.com/bid/31864

http://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml

http://secunia.com/advisories/32360

Details

Source: Mitre, NVD

Published: 2008-10-23

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00372