CVE-2018-15432

Name of the Vulnerable Software and Affected Versions Cisco Prime Infrastructure (affected versions not specified)

Description The issue is related to the transmission of sensitive information as part of a GET request in the server backup function. This could allow a remote attacker to view sensitive information. The attacker could exploit this by sending a GET request to a vulnerable device, potentially revealing protected information.

Recommendations For Cisco Prime Infrastructure, consider restricting access to the backup function until a fix is available. As a temporary workaround, avoid using the GET request method for sensitive information transmission in the server backup function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.