CVE-2000-0368 — Sensitive Information Exposure in Cisco IOS

CWE-200 — Sensitive Information Exposure2 documents2 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 72.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS

Timeline

PublishedMar 12

Latest updateApr 30

Description

Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/ios9.1

Patches

Patch: www.ciac.org ↗Patch: www.cisco.com ↗Patch: www.ciac.org ↗

🔴Vulnerability Details

GHSA

GHSA-fxrh-cvvm-q99f: Classic Cisco IOS 9↗2022-04-30

▶