QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-0260

Back to search

CVE-2018-0260

Published: Apr 19, 2018

Modified: Nov 29, 2024

PUBLISHED

Description

A vulnerability in the web interface of Cisco MATE Live could allow an unauthenticated, remote attacker to view and download the contents of certain web application virtual directories. The vulnerability is due to lack of proper input validation and authorization of HTTP requests. An attacker could exploit this vulnerability by sending a malicious HTTP request to the targeted application. An exploit could allow the attacker to view sensitive information that should require authentication. Cisco Bug IDs: CSCvh31272.

VendorProductVersions

n/a

Cisco MATE Live

affected
Cisco MATE Live

Weaknesses (CWE)

CWE-20

References

103946
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now