Vulnerability Description
A vulnerability in the web-based management interface of the Cisco Intrusion Prevention System Device Manager (IDM) could allow an unauthenticated, remote attacker to view sensitive information stored in certain HTML comments. More Information: CSCuh91455. Known Affected Releases: 7.2(1)V7.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Intrusion Prevention System Device Manager | 7.2\(1\)v7 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/96256
- http://www.securitytracker.com/id/1037842
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- http://www.securityfocus.com/bid/96256
- http://www.securitytracker.com/id/1037842
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2017-3842?
CVE-2017-3842 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability in the web-based management interface of the Cisco Intrusion Prevention System Device Manager (IDM) could allow an unauthenticated, remote attacker to view sensitive information stored...
How severe is CVE-2017-3842?
CVE-2017-3842 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-3842?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Intrusion Prevention System Device Manager.