Executive Summary
Summary | |
---|---|
Title | Cisco Wireless Residential Gateway Information Disclosure Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20160309-rgid | First vendor Publication | 2016-03-09 |
Vendor | Cisco | Last vendor Modification | 2016-03-09 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in the web-based administration interface of the Cisco Wireless Residential Gateway could allow an unauthenticated, remote attacker to access sensitive information on the affected device. The vulnerability is caused by improper access restrictions implemented on the affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. Cisco has released software updates to its service provider customers that address the vulnerability described in this advisory. Prior to contacting Cisco TAC, customers are advised to contact their service providers to confirm the software deployed by the service provider includes the fix that addresses this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-rgid BEGIN PGP SIGNATURE Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJW4DOZAAoJEK89gD3EAJB5L+kP/3k8pRmQQ3Dig29KOdQR0bP2 6UI3pty+tMylw7i17/YBXgpubxmz8hyD+q9yqTwb97a15BY7/89PJ/SMmAlp0z7/ TNC6OtuTYRNovT4uTs4h8LC04U0jWq9Z/caSeHRqn9HpgKWv+wxq0S3A5pVWYiSH xfdt81ek2fj6ZND4hEHUQoVNrWLDylhirbGcmTe84HkxUDeIyzivSlyDovfedijc 2hyWXl3DRD9UqoOEW2zVy74wn7BWANCmWXrlPxsyFfSZyMHsZlSGS5y8Oe8Cearm 6wGyGr3NWRHX1baLEIA4j/oeSiooWsHLGa3ja+Td8p/ADK1h/nlnwBB9GxOjJoCQ Dx78cf7Aa9UbyUjviSt4od2TDxTg4D4n7zU4fglBqODX0nw4sUH7Rylt7ce3ZzEL Jfgo9+W4JQL81SA+qdBiCpMLcgR+ChAALcXti4WZolOPt9Iceo9ahYPQe+VUbfLR OF/sSFOZHZM6gRPlkYhF6if9ZD6CZ1jgMjuSoWc/pAsiiRCmzdXIev2UcVqVnSTE nnSppYjVa3E4hKzR2VHQHmRtNYfTNTGVyM5VCHelWzscJGhAWeC6pLgyOPqySRvR hsC/XM31sa0E9GxmqQYyJD1gqDmwrS4DPtLUJkmv/3zIU0bbFkxAcQz9pSfOPHgC gfpjKXGVQFqJpiyuFJUm =rVTy END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-200 | Information Exposure |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 |
Alert History
Date | Informations |
---|---|
2016-03-15 00:27:12 |
|
2016-03-09 21:29:15 |
|
2016-03-09 21:23:51 |
|