PT-2017-16138 · Cisco · Cisco Intrusion Prevention System Device Manager

Published

2017-02-22

Updated

2017-07-25

CVE-2017-3842

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Cisco Intrusion Prevention System Device Manager (IDM) version 7.2(1)V7

Description A vulnerability in the web-based management interface could allow an unauthenticated, remote attacker to view sensitive information stored in certain HTML comments.

Recommendations For version 7.2(1)V7, update to a version that fixes this issue to prevent an unauthenticated, remote attacker from viewing sensitive information.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2017-3842

Affected Products

Cisco Intrusion Prevention System Device Manager

PT-2017-16138 · Cisco · Cisco Intrusion Prevention System Device Manager

CVE-2017-3842

Weakness Enumeration

Related Identifiers

Affected Products

References · 5