CVE-2019-1742
Cisco IOS XE Software Information Disclosure Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the web UI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access sensitive configuration information. The vulnerability is due to improper access control to files within the web UI. An attacker could exploit this vulnerability by sending a malicious request to an affected device. A successful exploit could allow the attacker to gain access to sensitive configuration information.
Una vulnerabilidad en la interfaz web del software Cisco IOS XE podría permitir que un atacante remoto no autenticado acceda a información sensible sobre la configuración. Esta vulnerabilidad se debe al control de acceso a archivos incorrecto en la interfaz web. Un atacante podría explotar esta vulnerabilidad enviando una petición maliciosa a un dispositivo afectado. Un exploit exitoso podría permitir que el atacante obtenga acceso a información sensible sobre la configuración.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2018-12-06 CVE Reserved
- 2019-03-27 CVE Published
- 2024-08-17 EPSS Updated
- 2024-11-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-16: Configuration
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/107600 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-xeid | 2020-10-08 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 3.2.0ja Search vendor "Cisco" for product "Ios Xe" and version "3.2.0ja" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.1 Search vendor "Cisco" for product "Ios Xe" and version "16.3.1" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.1a Search vendor "Cisco" for product "Ios Xe" and version "16.3.1a" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.2 Search vendor "Cisco" for product "Ios Xe" and version "16.3.2" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.3 Search vendor "Cisco" for product "Ios Xe" and version "16.3.3" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.4 Search vendor "Cisco" for product "Ios Xe" and version "16.3.4" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.5 Search vendor "Cisco" for product "Ios Xe" and version "16.3.5" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.5b Search vendor "Cisco" for product "Ios Xe" and version "16.3.5b" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.3.6 Search vendor "Cisco" for product "Ios Xe" and version "16.3.6" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.4.1 Search vendor "Cisco" for product "Ios Xe" and version "16.4.1" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.4.2 Search vendor "Cisco" for product "Ios Xe" and version "16.4.2" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.4.3 Search vendor "Cisco" for product "Ios Xe" and version "16.4.3" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5.1 Search vendor "Cisco" for product "Ios Xe" and version "16.5.1" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5.1a Search vendor "Cisco" for product "Ios Xe" and version "16.5.1a" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5.1b Search vendor "Cisco" for product "Ios Xe" and version "16.5.1b" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5.2 Search vendor "Cisco" for product "Ios Xe" and version "16.5.2" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.5.3 Search vendor "Cisco" for product "Ios Xe" and version "16.5.3" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.1 Search vendor "Cisco" for product "Ios Xe" and version "16.6.1" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.2 Search vendor "Cisco" for product "Ios Xe" and version "16.6.2" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.6.3 Search vendor "Cisco" for product "Ios Xe" and version "16.6.3" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.7.1 Search vendor "Cisco" for product "Ios Xe" and version "16.7.1" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.7.1a Search vendor "Cisco" for product "Ios Xe" and version "16.7.1a" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Ios Xe Search vendor "Cisco" for product "Ios Xe" | 16.7.1b Search vendor "Cisco" for product "Ios Xe" and version "16.7.1b" | - |
Affected
|