Overview
- Description
- A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device. This vulnerability is due to incorrect sanitization of HTML content from an affected device. A successful exploit could allow the attacker to view passwords that belong to other users.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
Social media
- Hype score
- Not currently trending
CVE-2024-20462 A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local atta… https://t.co/ziULNl3i0h
@CVEnew
277 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-20462 Password Exposure via HTML Injection in Cisco ATA 190 Firmware The web management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware has a vulnerability. It lets a local attacker w... https://t.co/dfWbhFR8aY
@VulmonFeeds
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ata_191_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E464918E-6409-4ACC-B27A-ECD7A5A5ABF8",
"versionEndExcluding": "12.0.2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ata_191:-:*:*:*:on-premises:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2BBB1A29-ABF8-4F79-A436-A416FAF4E7A9"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ata_191_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8FA479CC-10DC-4B3A-A869-7E0CCD02C959",
"versionEndExcluding": "11.2.5"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ata_191:-:*:*:*:multiplatform:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B0C232BB-005C-4E04-9B99-2B01AC8E8BA1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ata_192_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B66D888-565A-4EB1-B19B-594B302AAA72",
"versionEndExcluding": "11.2.5"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ata_192:-:*:*:*:multiplatform:*:*:*",
"vulnerable": false,
"matchCriteriaId": "00A3390F-594D-4DB2-96EC-04D0D73C9421"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]