CVE-2019-1631
published 2019-06-20CVE-2019-1631: A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to access…
medium5.3CVSS 3.0
AVNACLPRNUINSUCLINAN
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to access potentially sensitive system usage information. The vulnerability is due to a lack of proper data protection mechanisms. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow an attacker to view sensitive system data.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_unified_computing_system | >= unspecified < 4.0(4b) | 4.0(4b) |
| cisco | integrated_management_controller | — | — |
| cisco | unified_computing_system | — | — |