Vulnerability Details CVE-2019-15990
A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an unauthenticated, remote attacker to view information displayed in the web-based management interface. The vulnerability is due to improper authorization of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to view information displayed in the web-based management interface without authentication.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.6%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2019-15990
-
cpe:2.3:h:cisco:rv016_multi-wan_vpn:-
-
cpe:2.3:h:cisco:rv042_dual_wan_vpn:-
-
cpe:2.3:h:cisco:rv042g_dual_gigabit_wan_vpn:-
-
cpe:2.3:h:cisco:rv082_dual_wan_vpn:-
-
cpe:2.3:o:cisco:rv016_multi-wan_vpn_firmware:*
-
cpe:2.3:o:cisco:rv042_dual_wan_vpn_firmware:*
-
cpe:2.3:o:cisco:rv042g_dual_gigabit_wan_vpn_firmware:*
-
cpe:2.3:o:cisco:rv082_dual_wan_vpn_firmware:*