CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-15394

A vulnerability in the Stealthwatch Management Console (SMC) of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected system. The vulnerability is due to an insecure system configuration. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to gain unauthenticated access, resulting in elevated privileges in the SMC.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/105853
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-smc-auth-bypass
http://www.securityfocus.com/bid/105853
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-smc-auth-bypass

Products affected by CVE-2018-15394

Cisco » Stealthwatch Enterprise » Version: 6.10.2

cpe:2.3:a:cisco:stealthwatch_enterprise:6.10.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-15394

Products

Pricing

Contact Us