PT-2022-2314 · Cisco · Cisco Rcm For Cisco Staros
Mark Lowe
+1
·
Published
2022-01-19
·
Updated
2024-11-18
·
CVE-2022-20648
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco RCM for Cisco StarOS Software (affected versions not specified)
Description
A vulnerability in the debug function of Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform debug actions, potentially disclosing confidential information. This issue arises from a debug service that incorrectly listens to and accepts incoming connections, allowing an attacker to connect to the debug port and execute debug commands, thereby viewing sensitive debugging information.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Rcm For Cisco Staros