Vulnslist

find the latest Cisco vulnerabilities

Cisco RV110W, RV130W, and RV215W Routers Unauthenticated syslog File Access Vulnerability

cisco-sa-20190619-rv-fileaccess · Medium · Published · Updated

A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to access the syslog file on an affected device. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing the URL for the syslog file. A successful exploit could allow the attacker to access the information contained in the file. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-rv-fileaccess

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2019-1898
Cisco Bug IDsCSCvo65034, CSCvo65037, CSCvo65038
CVSS ScoreBase 5.3
Base 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco RV130W Wireless-N Multifunction VPN Router Firmware, Cisco RV110W Wireless-N VPN Firewall Firmware, Cisco RV215W Wireless-N VPN Router Firmware

CSAF Product Statuses

Product Status Source CVE Rows
Cisco RV110W Wireless-N VPN Firewall Firmware known_affected cisco_csaf CVE-2019-1898 1
Cisco RV130W Wireless-N Multifunction VPN Router Firmware known_affected cisco_csaf CVE-2019-1898 1
Cisco RV215W Wireless-N VPN Router Firmware known_affected cisco_csaf CVE-2019-1898 1

Related Products

Product CVE Evidence
Cisco RV110W Wireless-N VPN Firewall Firmware CVE-2019-1898 Cisco OpenVuln
Cisco RV130W Wireless-N Multifunction VPN Router Firmware CVE-2019-1898 Cisco OpenVuln
Cisco RV215W Wireless-N VPN Router Firmware CVE-2019-1898 Cisco OpenVuln
Cisco Small Business RV Series Router Firmware CVE-2019-1898 Cisco OpenVuln