CVE-2019-1908 is a vulnerability in Cisco Unified Computing System
Published on August 21, 2019
Cisco Integrated Management Controller Information Disclosure Vulnerability
A vulnerability in the Intelligent Platform Management Interface (IPMI) implementation of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to view sensitive system information. The vulnerability is due to insufficient security restrictions imposed by the affected software. A successful exploit could allow the attacker to view sensitive information that belongs to other users. The attacker could then use this information to conduct additional attacks.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2019-1908 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2019-1908
Want to know whenever a new CVE is published for Cisco Unified Computing System? stack.watch will email you.
Affected Versions
Cisco Unified Computing System (Management Software):- Version unspecified and below 3.0(4k) is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.