Information disclosure in Cisco Rvs4000

CVE-2011-1647

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the…

Vulnerability class: Information Disclosure

EPSS: 0.002 (43.5th percentile) — read the EPSS interpretation.

Affected products

Cisco Rvs4000 — versions 1, 2
Cisco Rvs4000_software — versions 1.3.0.5, 1.3.1.0, 1.3.2.0
Cisco Wrvs4400n — versions 1.0, 1.1, 2
Cisco Wrvs4400n_software — versions 1.3.0.5, 1.3.1.0, 1.3.2.0
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

47985 (vdb-entry, x_refsource_BID)
20110525 Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
1025565 (vdb-entry, x_refsource_SECTRACK)