CVE-2019-1717 Information
Feb 14, 2021
cve
Description
A vulnerability in the web-based management interface of Cisco Video Surveillance Manager could allow an unauthenticated remote attacker to access sensitive information. The vulnerability is due to improper validation of parameters handled by the web-based management interface. An attacker could exploit this vulnerability by sending malicious requests to an affected component. A successful exploit could allow the attacker to download arbitrary files from the affected device which could contain sensitive information.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Reference
http://www.securityfocus.com/bid/108336 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-cvsm
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
NONE
Base Score
NONE
Base Severity
7.5
Share on: