Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.
Conclusion & alert: CVE-2008-2400 is rated Low Risk (38.3/100): CVSS High severity, with low exploitation likelihood (EPSS 0.35%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.05% | 0.35% | +0.29% |
| 2 | 2025-03-30 | 0.05% | 0.05% | +0.00% |
| 3 | 2025-03-29 | — | 0.05% | — |
Full EPSS history (6 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.2 | 2.0 | HIGH |
|
3.9 | 10.0 | [email protected] |
| vendor | priority | summary | link |
|---|---|---|---|
debian
|
unimportant | CVE-2008-2400 unimportant priority: Debian including 1 source packages (stunnel4), 4 status rows across 4 suites (bookworm, bullseye, sid, trixie): resolved 4. | https://security-tracker.debian.org/tracker/CVE-2008-2400 |
ubuntu
|
medium | CVE-2008-2400 medium priority: Ubuntu including 1 source packages (stunnel4), 5 status rows across 5 suites (dapper, feisty, gutsy, hardy, upstream): not-affected 4, needs-triage 1. | https://ubuntu.com/security/CVE-2008-2400 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| stunnel | stunnel | 0.1 | cpe:2.3:a:stunnel:stunnel:0.1:*:*:*:*:*:*:* |
| stunnel | stunnel | 1.0 | cpe:2.3:a:stunnel:stunnel:1.0:*:*:*:*:*:*:* |
| stunnel | stunnel | 1.1 | cpe:2.3:a:stunnel:stunnel:1.1:*:*:*:*:*:*:* |
| stunnel | stunnel | 1.2 | cpe:2.3:a:stunnel:stunnel:1.2:*:*:*:*:*:*:* |
| stunnel | stunnel | 1.3 | cpe:2.3:a:stunnel:stunnel:1.3:*:*:*:*:*:*:* |
| stunnel | stunnel | 1.4 | cpe:2.3:a:stunnel:stunnel:1.4:*:*:*:*:*:*:* |
| stunnel | stunnel | 1.5 | cpe:2.3:a:stunnel:stunnel:1.5:*:*:*:*:*:*:* |
| stunnel | stunnel | 1.6 | cpe:2.3:a:stunnel:stunnel:1.6:*:*:*:*:*:*:* |
| stunnel | stunnel | 2.0 | cpe:2.3:a:stunnel:stunnel:2.0:*:*:*:*:*:*:* |
| stunnel | stunnel | 2.1 | cpe:2.3:a:stunnel:stunnel:2.1:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.0 | cpe:2.3:a:stunnel:stunnel:3.0:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.0 | cpe:2.3:a:stunnel:stunnel:3.0:b1:*:*:*:*:*:* |
| stunnel | stunnel | 3.0 | cpe:2.3:a:stunnel:stunnel:3.0:b2:*:*:*:*:*:* |
| stunnel | stunnel | 3.0 | cpe:2.3:a:stunnel:stunnel:3.0:b3:*:*:*:*:*:* |
| stunnel | stunnel | 3.0 | cpe:2.3:a:stunnel:stunnel:3.0:b4:*:*:*:*:*:* |
| stunnel | stunnel | 3.0 | cpe:2.3:a:stunnel:stunnel:3.0:b5:*:*:*:*:*:* |
| stunnel | stunnel | 3.0 | cpe:2.3:a:stunnel:stunnel:3.0:b6:*:*:*:*:*:* |
| stunnel | stunnel | 3.0 | cpe:2.3:a:stunnel:stunnel:3.0:b7:*:*:*:*:*:* |
| stunnel | stunnel | 3.1 | cpe:2.3:a:stunnel:stunnel:3.1:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.2 | cpe:2.3:a:stunnel:stunnel:3.2:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.3 | cpe:2.3:a:stunnel:stunnel:3.3:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.4a | cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.5 | cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.6 | cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.7 | cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.8 | cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.8 | cpe:2.3:a:stunnel:stunnel:3.8:p1:*:*:*:*:*:* |
| stunnel | stunnel | 3.8 | cpe:2.3:a:stunnel:stunnel:3.8:p2:*:*:*:*:*:* |
| stunnel | stunnel | 3.8 | cpe:2.3:a:stunnel:stunnel:3.8:p3:*:*:*:*:*:* |
| stunnel | stunnel | 3.8 | cpe:2.3:a:stunnel:stunnel:3.8:p4:*:*:*:*:*:* |
| stunnel | stunnel | 3.9 | cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.10 | cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.11 | cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.12 | cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.13 | cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.14 | cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.15 | cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.16 | cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.17 | cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.18 | cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.19 | cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.20 | cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.21 | cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.21a | cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.21b | cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.21c | cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.22 | cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:* |
| stunnel | stunnel | 3.24 | cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.0 | cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.01 | cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.02 | cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.03 | cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.04 | cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.05 | cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.06 | cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.07 | cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.08 | cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.09 | cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.10 | cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.11 | cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.12 | cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.13 | cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.14 | cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.15 | cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.16 | cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.17 | cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.18 | cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.19 | cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.20 | cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.21 | cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:* |
| stunnel | stunnel | 4.22 | cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:* |