CVE-2018-15433 — Vulnetix

CVE-2018-15433 PUBLISHED CVSS 4 MEDIUM

A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to the transmission of sensitive information as part of a GET request. An attacker could exploit this vulnerability by sending a GET request to a vulnerable device. A successful exploit could allow the attacker to view sensitive information.

EPSS 0.15% · 35.6th percentile

Risk Scores

CVSS 2.0

EPSS Score

0.15%

35.6th percentile

Affected Products

Vendor	Product	Versions
Cisco	Cisco Prime Infrastructure	n/a
cisco	prime_infrastructure	3.2

Exploit Intelligence

105562 (circl)
20181003 Cisco Prime Infrastructure Information Disclosure Vulnerability (circl)

Timeline

Oct 3, 2018 CVE Published
Apr 14, 2021 EPSS Score
Jun 23, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Oct 26, 2021 EPSS Score
Dec 27, 2021 EPSS Score
Feb 28, 2022 EPSS Score
May 2, 2022 EPSS Score
Jul 3, 2022 EPSS Score
Sep 5, 2022 EPSS Score
Nov 6, 2022 EPSS Score
Jan 8, 2023 EPSS Score

References

105562 vdb
20181003 Cisco Prime Infrastructure Information Disclosure Vulnerability vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2018-15433 advisory

Open in Interactive Console →