CVE-2018-15433

A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to the transmission of sensitive information as part of a GET request. An attacker could exploit this vulnerability by sending a GET request to a vulnerable device. A successful exploit could allow the attacker to view sensitive information.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:prime_infrastructure:3.2:*:*:*:*:*:*:*

History

21 Nov 2024, 03:50

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/105562 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/105562 - Third Party Advisory, VDB Entry
References () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-prime-id - Vendor Advisory () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-prime-id - Vendor Advisory

Information

Published : 2018-10-05 14:29

Updated : 2024-11-21 03:50


NVD link : CVE-2018-15433

Mitre link : CVE-2018-15433

CVE.ORG link : CVE-2018-15433


JSON object : View

Products Affected

cisco

  • prime_infrastructure
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor