LiveActive security incident?Get immediate response
CVE Record

CVE-2019-16004: Cisco Vision Dynamic Signage Director Authentication Bypass Vulnerability

A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to missing authentication on some of the API calls. An attacker could exploit this vulnerability by sending a request to one of the affected calls. A successful exploit could allow the attacker to interact with some parts of the API.

MediumCVSS 6.5Not KEV-listedUpdated
Glexia's TakeAutomated analysismoderate

Security readout for executives and security teams

Plain-English summary

Cisco Vision Dynamic Signage Director had REST API calls that did not require authentication. A remote attacker could access some API functions without credentials. The known impact is limited confidentiality and integrity exposure, with no availability impact stated in the source bundle.

Executive priority

Treat this as a moderate-priority exposure management issue. It does not indicate known active exploitation or service disruption, but unauthenticated API access can still create business risk if deployed systems are reachable from untrusted networks.

Technical view

CVE-2019-16004 is a CWE-306 missing-authentication flaw in Cisco Vision Dynamic Signage Director REST API endpoints. It is remotely reachable, low complexity, requires no privileges or user interaction, and has CVSS 3.0 score 6.5 with low confidentiality and integrity impact.

Likely exposure

Exposure is likely limited to organizations running Cisco Vision Dynamic Signage Director. Risk is higher if the product's management or API surface is reachable from the internet or untrusted networks. The source bundle does not identify affected version numbers.

Exploitation context

The source bundle and KEV status do not show active exploitation. The CVSS vector indicates network exploitation without credentials or user interaction, but the provided sources only state interaction with some API parts, not full compromise.

Researcher notes

Evidence is limited to the CVE record and Cisco advisory reference. The bundle does not provide affected version ranges, exploit evidence, or named fixes. Validation should focus on product presence, endpoint reachability, and Cisco advisory alignment.

Mitigation direction

  • Review Cisco's advisory for affected and fixed release guidance.
  • Inventory Cisco Vision Dynamic Signage Director deployments.
  • Restrict API and management access to trusted networks where feasible.
  • Prioritize remediation for internet-facing or broadly reachable deployments.
  • Monitor for unexpected unauthenticated API access patterns.

Validation and detection

  • Confirm whether Cisco Vision Dynamic Signage Director is deployed.
  • Check deployed versions against Cisco's advisory guidance.
  • Verify API or management endpoints are not internet-exposed.
  • Review logs for unauthenticated API requests or abnormal API activity.
  • Document compensating controls if immediate remediation is unavailable.
Prepared
Confidence
high
Sources
3

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cwe · medium confidence lookup

CWE-306: Credential and account abuse lookup

Authentication and credential weaknesses can make valid-account abuse and credential telemetry useful review starting points. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.

Open ATT&CK lookup
description · low confidence lookup

Credential and access behavior lookup

The CVE wording references authentication or credential exposure, so valid-account and credential-access review may help. This is a Glexia inferred lookup path, not an official MITRE, ATT&CK, or CVE Program mapping.

Open ATT&CK lookup
cve · low confidence lookup

CVE-2019-16004 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Medium
CVSS
6.5 (3.0)
Known Exploited
No
Published

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

1CVSS vectors
0Timeline events
0ADP providers
2Source links

CVSS vector scores

1 official score

We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.

ScoreVersionSeverityVectorExploitImpactSource
6.5CVSS 3.0MediumCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N3.92.5Primary CVE score

Vulnerability scoring details

Base CVSS 3.0 score

6.5Medium
CVSS 3.0 vector shape for CVE-2019-16004Attack VectorAttack ComplexityPrivileges RequiredUser InteractionScopeConfidentiality ImpactIntegrity ImpactAvailability Impact

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Attack Vector
NetworkAdjacentLocalPhysical
Attack Complexity
LowHigh
Privileges Required
NoneLowHigh
User Interaction
NoneRequired
Scope
ChangedUnchanged
Confidentiality Impact
HighLowNone
Integrity Impact
HighLowNone
Availability Impact
HighLowNone

Source materials

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
CiscoCisco Vision Dynamic Signage Directorn/aListed
Weakness

CWE details

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.

CWE-306 · source CWE mapping

Missing Authentication for Critical Function

Missing Authentication for Critical Function represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.