Vulnerabilities > CVE-2019-1908 - Unspecified vulnerability in Cisco products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

cisco

NVD

Published: 2019-08-21

Updated: 2020-10-16

Summary

A vulnerability in the Intelligent Platform Management Interface (IPMI) implementation of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to view sensitive system information. The vulnerability is due to insufficient security restrictions imposed by the affected software. A successful exploit could allow the attacker to view sensitive information that belongs to other users. The attacker could then use this information to conduct additional attacks.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Unified Computing System 4.0\(1C\)Hs3 Cisco Integrated Management Controller Supervisor *	2
Hardware	Cisco Cisco UCS C125 M5 - Cisco UCS C4200 - Cisco UCS S3260 -	3

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-infodisc