From 7ef80ae20f3248f15efc22ac69bdbcd1f7d7b426 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 7 Aug 2019 21:00:55 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/1xxx/CVE-2019-1895.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/2019/1xxx/CVE-2019-1895.json b/2019/1xxx/CVE-2019-1895.json index c6b7bd42d0a..e0378246389 100644 --- a/2019/1xxx/CVE-2019-1895.json +++ b/2019/1xxx/CVE-2019-1895.json @@ -37,7 +37,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to access the VNC console session of an administrative user on an affected device. The vulnerability is due to an insufficient authentication mechanism used to establish a VNC session. An attacker could exploit this vulnerability by intercepting an administrator VNC session request prior to login. A successful exploit could allow the attacker to watch the administrator console session or interact with it, allowing admin access to the affected device. " + "value": "A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to access the VNC console session of an administrative user on an affected device. The vulnerability is due to an insufficient authentication mechanism used to establish a VNC session. An attacker could exploit this vulnerability by intercepting an administrator VNC session request prior to login. A successful exploit could allow the attacker to watch the administrator console session or interact with it, allowing admin access to the affected device." } ] }, @@ -85,4 +85,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file