Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
5.3
CVSSv3

CVE-2019-15993

Published: 23/09/2020 Updated: 06/04/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote malicious user to access sensitive device information. The vulnerability exists because the software lacks proper authentication controls to information accessible from the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of an affected device. A successful exploit could allow the malicious user to access sensitive device information, which includes configuration files.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco sg250x-24 firmware

cisco sg250x-24p firmware

cisco sg250x-48 firmware

cisco sg250x-48p firmware

cisco sg250-08 firmware

cisco sg250-08hp firmware

cisco sg250-10p firmware

cisco sg250-18 firmware

cisco sg250-26 firmware

cisco sg250-26hp firmware

cisco sg250-26p firmware

cisco sg250-50 firmware

cisco sg250-50hp firmware

cisco sg250-50p firmware

cisco sf250-24 firmware

cisco sf250-24p firmware

cisco sf250-48 firmware

cisco sf250-48hp firmware

cisco sg350-10 firmware

cisco sg350-10p firmware

cisco sg350-10mp firmware

cisco sg355-10p firmware

cisco sg350-28 firmware

cisco sg350-28p firmware

cisco sg350-28mp firmware

cisco sf350-48 firmware

cisco sf350-48p firmware

cisco sf350-48mp firmware

cisco sg350xg-2f10 firmware

cisco sg350xg-24f firmware

cisco sg350xg-24t firmware

cisco sg350xg-48t firmware

cisco sg350x-24 firmware

cisco sg350x-24p firmware

cisco sg350x-24mp firmware

cisco sg350x-48 firmware

cisco sg350x-48p firmware

cisco sg350x-48mp firmware

cisco sx550x-16ft firmware

cisco sx550x-24ft firmware

cisco sx550x-12f firmware

cisco sx550x-24f firmware

cisco sx550x-24 firmware

cisco sx550x-52 firmware

cisco sg550x-24 firmware

cisco sg550x-24p firmware

cisco sg550x-24mp firmware

cisco sg550x-24mpp firmware

cisco sg550x-48 firmware

cisco sg550x-48p firmware

cisco sg550x-48mp firmware

cisco sf550x-24 firmware

cisco sf550x-24p firmware

cisco sf550x-24mp firmware

cisco sf550x-48 firmware

cisco sf550x-48p firmware

cisco sf550x-48mp firmware

cisco sg200-50 firmware

cisco sg200-50p firmware

cisco sg200-50fp firmware

cisco sg200-26 firmware

cisco sg200-26p firmware

cisco sg200-26fp firmware

cisco sg200-18 firmware

cisco sg200-10fp firmware

cisco sg200-08 firmware

cisco sg200-08p firmware

cisco sf200-24 firmware

cisco sf200-24p firmware

cisco sf200-24fp firmware

cisco sf200-48 firmware

cisco sf200-48p firmware

cisco sf302-08pp firmware

cisco sf302-08mpp firmware

cisco sg300-10pp firmware

cisco sg300-10mpp firmware

cisco sf300-24pp firmware

cisco sf300-48pp firmware

cisco sg300-28pp firmware

cisco sf300-08 firmware

cisco sf300-48p firmware

cisco sg300-10mp firmware

cisco sg300-10p firmware

cisco sg300-10 firmware

cisco sg300-28p firmware

cisco sf300-24p firmware

cisco sf302-08mp firmware

cisco sg300-28 firmware

cisco sf300-48 firmware

cisco sg300-20 firmware

cisco sf302-08p firmware

cisco sg300-52 firmware

cisco sf300-24 firmware

cisco sf302-08 firmware

cisco sf300-24mp firmware

cisco sg300-10sfp firmware

cisco sg300-28mp firmware

cisco sg300-52p firmware

cisco sg300-52mp firmware

cisco sg500-28mpp firmware

cisco sg500-52mp firmware

cisco sg500xg-8f8t firmware

cisco sf500-24 firmware

cisco sf500-24p firmware

cisco sf500-48 firmware

cisco sf500-48p firmware

cisco sg500-28 firmware

cisco sg500-28p firmware

cisco sg500-52 firmware

cisco sg500-52p firmware

cisco sg500x-24 firmware

cisco sg500x-24p firmware

cisco sg500x-48 firmware

cisco sg500x-48p firmware

Vendor Advisories

Cisco: Cisco Small Business Switches Information Disclosure Vulnerability
A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information The vulnerability exists because the software lacks proper authentication controls to information accessible from the web UI An attacker could exploit this vulnerability by sending a malicious HTTP ...

Github Repositories

https://github.com/SYNgularity1/exploits

SYNgularity1 - Exploits and PoC Code for CVEs, Vulnerabilities, etc.

exploits SYNgularity1 - Exploits and PoC Code for CVEs, Vulnerabilities, etc Current: CVE-2019-15993 / CVE-2020-5330 - Cisco Sx / SMB, Dell X & VRTX, Netgear (Various) Information Disclosure and Hash Decrypter NO CVE - Solarwinds Serv-U FTP LFI Downloader Vulnerable Software: Solarwinds Serv-U (Windows) < 1532 NO CVE - 0-day - Zyxel - NXxxx Wireless Controlle

References

CWE-287https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200129-smlbus-switch-discloshttp://packetstormsecurity.com/files/171723/Cisco-Dell-Netgear-Information-Disclosure-Hash-Decrypter.htmlhttps://nvd.nist.govhttps://github.com/SYNgularity1/exploitshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200129-smlbus-switch-disclos
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884CVE-2024-6003remotebrute forceinformation disclosureCVE-2024-27801CVE-2024-30078CVE-2024-31870CVE-2024-6042
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook