Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-111451
HistoryJan 08, 2020 - 12:00 a.m.

Cisco UCS Director CVE-2019-16003 Information Disclosure Vulnerability

2020-01-0800:00:00
Symantec Security Response
www.symantec.com
9

EPSS

0.001

Percentile

47.8%

JSON

Description

Cisco UCS Director is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco bug ID CSCvr00602.

Technologies Affected

  • Cisco UCS Director 4.0.0.0
  • Cisco UCS Director 4.0.0.1
  • Cisco UCS Director 4.0.0.2
  • Cisco UCS Director 4.0.0.3
  • Cisco UCS Director 4.1.0.0
  • Cisco UCS Director 4.1.0.1
  • Cisco UCS Director 4.1.0.2
  • Cisco UCS Director 5.2.0.0
  • Cisco UCS Director 5.2.0.1
  • Cisco UCS Director 5.5
  • Cisco UCS Director 5.5.0.1
  • Cisco UCS Director 5.5.0.2
  • Cisco UCS Director 6.0
  • Cisco UCS Director 6.0.0.0
  • Cisco UCS Director 6.0.0.1
  • Cisco UCS Director 6.0.1.0
  • Cisco UCS Director 6.0.1.1
  • Cisco UCS Director 6.0.1.2
  • Cisco UCS Director 6.0.1.3
  • Cisco UCS Director 6.5
  • Cisco UCS Director 6.5.0.1
  • Cisco UCS Director 6.5.0.2
  • Cisco UCS Director 6.5.0.3
  • Cisco UCS Director 6.6(0.0)
  • Cisco UCS Director 6.6(1.0)
  • Cisco UCS Director 6.6.0.0
  • Cisco UCS Director 6.6.1.0
  • Cisco UCS Director 6.7
  • Cisco UCS Director 6.7(1.0)
  • Cisco UCS Director 6.7(2.0)
  • Cisco UCS Director 6.7(3.0)
  • Cisco UCS Director 6.7.0.0
  • Cisco UCS Director 6.7.1.0
  • Cisco UCS Director 6.7.2.0
  • Cisco UCS Director 6.7.3.0

Recommendations

Block external access at the network boundary, unless external parties require service.
Allow only trusted hosts and networks to connect to computers running the affected software. This will limit the potential for remote attackers to exploit this issue.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to malformed requests and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Updates are available. Please see the references or vendor advisory for more information.

References

Related

prion 1
nvd 1
cve 1
cvelist 1
cisco 1
prion
prion
Authentication flaw
2020-01-26 05:15:00
nvd
nvd
CVE-2019-16003
2020-01-26 05:15:13
cve
cve
CVE-2019-16003
2020-01-26 05:15:13
cvelist
cvelist
CVE-2019-16003 Cisco UCS Director Information Disclosure Vulnerability
2020-01-26 04:45:40
cisco
cisco
Cisco UCS Director Information Disclosure Vulnerability
2020-01-08 16:00:00

EPSS

0.001

Percentile

47.8%

JSON
Related for SMNTC-111451
prion1nvd1cve1cvelist1cisco1