A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device.
This vulnerability is due to incorrect sanitization of HTML content from an affected device. A successful exploit could allow the attacker to view passwords that belong to other users.
Metrics
Affected Vendors & Products
References
History
Thu, 31 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-922 |
Tue, 22 Oct 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Cisco
Cisco ata 191 Cisco ata 191 Firmware Cisco ata 192 Cisco ata 192 Firmware |
|
Weaknesses | CWE-522 | |
CPEs | cpe:2.3:h:cisco:ata_191:-:*:*:*:multiplatform:*:*:* cpe:2.3:h:cisco:ata_191:-:*:*:*:on-premises:*:*:* cpe:2.3:h:cisco:ata_192:-:*:*:*:multiplatform:*:*:* cpe:2.3:o:cisco:ata_191_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:cisco:ata_192_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Cisco
Cisco ata 191 Cisco ata 191 Firmware Cisco ata 192 Cisco ata 192 Firmware |
Wed, 16 Oct 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 16 Oct 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device. This vulnerability is due to incorrect sanitization of HTML content from an affected device. A successful exploit could allow the attacker to view passwords that belong to other users. | |
Title | Cisco ATA 190 Series Analog Telephone Adapter Muliplatform Firmware Information Disclosure Vulnerability | |
Weaknesses | CWE-257 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2024-10-16T16:16:44.345Z
Updated: 2024-10-31T13:17:38.967Z
Reserved: 2023-11-08T15:08:07.680Z
Link: CVE-2024-20462
Vulnrichment
Updated: 2024-10-16T18:09:19.363Z
NVD
Status : Modified
Published: 2024-10-16T17:15:15.357
Modified: 2024-10-31T14:35:08.380
Link: CVE-2024-20462
Redhat
No data.