PT-2017-16138 · Cisco · Cisco Intrusion Prevention System Device Manager

Publicado

2017-02-22

Atualizado

2017-07-25

CVE-2017-3842

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Cisco Intrusion Prevention System Device Manager (IDM) version 7.2(1)V7

Description A vulnerability in the web-based management interface could allow an unauthenticated, remote attacker to view sensitive information stored in certain HTML comments.

Recommendations For version 7.2(1)V7, update to a version that fixes this issue to prevent an unauthenticated, remote attacker from viewing sensitive information.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2017-3842

Produtos afetados

Cisco Intrusion Prevention System Device Manager

PT-2017-16138 · Cisco · Cisco Intrusion Prevention System Device Manager

CVE-2017-3842

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5