CVE-2019-15990
Cisco Small Business Routers RV016, RV042, RV042G, and RV082 Information Disclosure Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an unauthenticated, remote attacker to view information displayed in the web-based management interface. The vulnerability is due to improper authorization of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to view information displayed in the web-based management interface without authentication.
Una vulnerabilidad en la interfaz de administración basada en web de determinados Enrutadores Cisco Small Business RV Series, podría permitir a un atacante remoto no autenticado visualizar la información desplegada en la interfaz de administración basada en web. La vulnerabilidad es debido a una autorización inapropiada de peticiones HTTP. Un atacante podría explotar esta vulnerabilidad al enviar peticiones HTTP diseñadas a la interfaz de administración basada en web de un dispositivo afectado. Una explotación con éxito podría permitir al atacante visualizar la información desplegada en la interfaz de administración basada en web sin autenticación.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2019-09-06 CVE Reserved
- 2019-11-26 CVE Published
- 2023-03-08 EPSS Updated
- 2024-11-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-285: Improper Authorization
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Rv016 Multi-wan Vpn Firmware Search vendor "Cisco" for product "Rv016 Multi-wan Vpn Firmware" | < 4.2.3.10 Search vendor "Cisco" for product "Rv016 Multi-wan Vpn Firmware" and version " < 4.2.3.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv016 Multi-wan Vpn Search vendor "Cisco" for product "Rv016 Multi-wan Vpn" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Rv042 Dual Wan Vpn Firmware Search vendor "Cisco" for product "Rv042 Dual Wan Vpn Firmware" | < 4.2.3.10 Search vendor "Cisco" for product "Rv042 Dual Wan Vpn Firmware" and version " < 4.2.3.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv042 Dual Wan Vpn Search vendor "Cisco" for product "Rv042 Dual Wan Vpn" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Rv042g Dual Gigabit Wan Vpn Firmware Search vendor "Cisco" for product "Rv042g Dual Gigabit Wan Vpn Firmware" | < 4.2.3.10 Search vendor "Cisco" for product "Rv042g Dual Gigabit Wan Vpn Firmware" and version " < 4.2.3.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv042g Dual Gigabit Wan Vpn Search vendor "Cisco" for product "Rv042g Dual Gigabit Wan Vpn" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Rv082 Dual Wan Vpn Firmware Search vendor "Cisco" for product "Rv082 Dual Wan Vpn Firmware" | < 4.2.3.10 Search vendor "Cisco" for product "Rv082 Dual Wan Vpn Firmware" and version " < 4.2.3.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv082 Dual Wan Vpn Search vendor "Cisco" for product "Rv082 Dual Wan Vpn" | - | - |
Safe
|