Executive Summary

Title Cisco Wireless Residential Gateway Information Disclosure Vulnerability
Name cisco-sa-20160309-rgid First vendor Publication 2016-03-09
Vendor Cisco Last vendor Modification 2016-03-09
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


A vulnerability in the web-based administration interface of the Cisco Wireless Residential Gateway could allow an unauthenticated, remote attacker to access sensitive information on the affected device.

The vulnerability is caused by improper access restrictions implemented on the affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device.

Cisco has released software updates to its service provider customers that address the vulnerability described in this advisory. Prior to contacting Cisco TAC, customers are advised to contact their service providers to confirm the software deployed by the service provider includes the fix that addresses this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-rgid

BEGIN PGP SIGNATURE Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJW4DOZAAoJEK89gD3EAJB5L+kP/3k8pRmQQ3Dig29KOdQR0bP2 6UI3pty+tMylw7i17/YBXgpubxmz8hyD+q9yqTwb97a15BY7/89PJ/SMmAlp0z7/ TNC6OtuTYRNovT4uTs4h8LC04U0jWq9Z/caSeHRqn9HpgKWv+wxq0S3A5pVWYiSH xfdt81ek2fj6ZND4hEHUQoVNrWLDylhirbGcmTe84HkxUDeIyzivSlyDovfedijc 2hyWXl3DRD9UqoOEW2zVy74wn7BWANCmWXrlPxsyFfSZyMHsZlSGS5y8Oe8Cearm 6wGyGr3NWRHX1baLEIA4j/oeSiooWsHLGa3ja+Td8p/ADK1h/nlnwBB9GxOjJoCQ Dx78cf7Aa9UbyUjviSt4od2TDxTg4D4n7zU4fglBqODX0nw4sUH7Rylt7ce3ZzEL Jfgo9+W4JQL81SA+qdBiCpMLcgR+ChAALcXti4WZolOPt9Iceo9ahYPQe+VUbfLR OF/sSFOZHZM6gRPlkYhF6if9ZD6CZ1jgMjuSoWc/pAsiiRCmzdXIev2UcVqVnSTE nnSppYjVa3E4hKzR2VHQHmRtNYfTNTGVyM5VCHelWzscJGhAWeC6pLgyOPqySRvR hsC/XM31sa0E9GxmqQYyJD1gqDmwrS4DPtLUJkmv/3zIU0bbFkxAcQz9pSfOPHgC gfpjKXGVQFqJpiyuFJUm =rVTy END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-200 Information Exposure

CPE : Common Platform Enumeration

Os 1

Alert History

If you want to see full details history, please login or register.
Date Informations
2016-03-15 00:27:12
  • Multiple Updates
2016-03-09 21:29:15
  • Multiple Updates
2016-03-09 21:23:51
  • First insertion