Описание
Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:prime_lan_management_solution:4.1_base:*:*:*:*:*:*:*
cpe:2.3:a:cisco:prime_lan_management_solution:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:prime_lan_management_solution:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:prime_lan_management_solution:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:prime_lan_management_solution:4.2.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:prime_lan_management_solution:4.2.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:prime_lan_management_solution:4.2_base:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.0006
Низкий
7.1 High
CVSS3
3 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 7.1
github
больше 3 лет назад
Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390.
EPSS
Процентиль: 19%
0.0006
Низкий
7.1 High
CVSS3
3 Low
CVSS2
Дефекты
CWE-200