vulnerability

Cisco UCS Device: Unspecified Security Vulnerability (CVE-2019-1908)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Aug 21, 2019	Sep 25, 2019	Oct 19, 2020

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Aug 21, 2019

Added

Sep 25, 2019

Modified

Oct 19, 2020

Description

A vulnerability in the Intelligent Platform Management Interface (IPMI) implementation of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to view sensitive system information. The vulnerability is due to insufficient security restrictions imposed by the affected software. A successful exploit could allow the attacker to view sensitive information that belongs to other users. The attacker could then use this information to conduct additional attacks.

Solution

cisco-ucs-update-latest

References

CVE-2019-1908
https://attackerkb.com/topics/CVE-2019-1908
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-infodisc

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report