CVE-2019-15990 — Vulnetix

CVE-2019-15990 PUBLISHED CVSS 5.300000190734863 MEDIUM

A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an unauthenticated, remote attacker to view information displayed in the web-based management interface. The vulnerability is due to improper authorization of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to view information displayed in the web-based management interface without authentication.

EPSS 0.31% · 54.6th percentile

Risk Scores

CVSS 3.0

5.300000190734863

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Score

0.31%

54.6th percentile

Affected Products

Vendor	Product	Versions
cisco	rv042g_dual_gigabit_wan_vpn_firmware	0
cisco	rv016_multi-wan_vpn_firmware	0
cisco	rv042_dual_wan_vpn_firmware	0
Cisco	Cisco Small Business RV Series Router Firmware	unspecified
cisco	rv082_dual_wan_vpn_firmware	0

Exploit Intelligence

20191120 Cisco Small Business Routers RV016, RV042, RV042G, and RV082 Information Disclosure Vulnerability (circl)

Timeline

Nov 20, 2019 CVE Published
Apr 14, 2021 EPSS Score
Jun 23, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Oct 26, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 28, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 1, 2022 EPSS Score
Jul 3, 2022 EPSS Score
Sep 4, 2022 EPSS Score

References

Open in Interactive Console →