CVE-2019-1645 is a vulnerability in Cisco Connected Mobile Experiences
Published on January 24, 2019
Cisco Connected Mobile Experiences Information Disclosure Vulnerability
A vulnerability in the Cisco Connected Mobile Experiences (CMX) software could allow an unauthenticated, adjacent attacker to access sensitive data on an affected device. The vulnerability is due to a lack of input and validation checking mechanisms for certain GET requests to API's on an affected device. An attacker could exploit this vulnerability by sending HTTP GET requests to an affected device. An exploit could allow the attacker to use this information to conduct additional reconnaissance attacks.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2019-1645 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2019-1645
Want to know whenever a new CVE is published for Cisco Connected Mobile Experiences? stack.watch will email you.
Affected Versions
Cisco Connected Mobile Experiences Version n/a is affected by CVE-2019-1645Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.