A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to excessive verbosity in a debug log file. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain log files that contain sensitive data, including credentials that can be used to access the API.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NCisco Smart License Utility
APPCisco2.0.02.1.02.2.0
Related vulnerabilities
Cisco Smart License Utility — ukryte statyczne dane logowania (backdoor)
Cisco Catalyst SD-WAN — pominięcie uwierzytelnienia z dostępem administracyjnym
RCE przez insecure deserialization w Cisco Secure Firewall Management Center
Cisco Catalyst SD-WAN — ominięcie uwierzytelnienia peering i przejęcie uprawnień
RCE z uprawnieniami root w Cisco Secure Email Gateway i Secure Email and Web Manager