How severe is CVE-2018-0245?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2018-0245?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2018-0245 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. The vulnerability is due to incomplete input and validation checking mechanisms in the REST API URL request. An attacker could exploit this vulnerability by sending a malicious URL to the REST API. If successful, an exploit could allow the attacker to view sensitive system information. Cisco Bug IDs: CSCvg89442.

Related Vulnerabilities

CVE-2007-3650

MEDIUM

CVSS:5.3(Medium)

myWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive information via (1) an invalid year parameter to calendar.php, reached through index.php; (2) a direct request to common.php; and (...

CWE-2002007

CVE-2007-3651

MEDIUM

CVSS:5.3(Medium)

class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to obtain sensitive information via a '; (quote semicolon) sequence in the id parameter, which reveals the installation...

CWE-2002007

CVE-2010-3673

MEDIUM

CVSS:5.3(Medium)

TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows information disclosure in the mail header of the HTML mailing API.

CWE-2002010

CVE-2011-0736

MEDIUM

CVSS:5.3(Medium)

Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id=...

CWE-2002011

CVE-2011-0737

MEDIUM

CVSS:5.3(Medium)

Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to obtain sensitive information via an id=- query to a .cfm file, which reveals the installation path in an error message. NOTE: the ven...

CWE-2002011

CVE-2011-4538

MEDIUM

CVSS:5.3(Medium)

Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information by reading passwords within exported settings.

CWE-2002011