cisco-sa-20190619-imc-infodisclos

Cisco Integrated Management Controller Information Disclosure Vulnerability

cisco-sa-20190619-imc-infodisclos · Medium · Published 6 years ago · Updated 6 years ago

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to access potentially sensitive system usage information. The vulnerability is due to a lack of proper data protection mechanisms. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow an attacker to view sensitive system data. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-imc-infodisclos

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEs	CVE-2019-1631
Cisco Bug IDs	CSCvn96947
CVSS Score	Base 5.3 Base 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:X
Product Names From Source	Cisco Unified Computing System (Management Software)

Related Products

Product	CVE	Evidence

Vulnslist

find the latest Cisco vulnerabilities

Cisco Integrated Management Controller Information Disclosure Vulnerability

Workarounds

Related Products