Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an "HTTPS on Public Inbound (XML-Auto)(forward/in)" rule but sets the protocol to "ANY" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass through the concentrator.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco VPN 3000 Series Concentrator XML Filter配置错误访问漏洞
Vulnerability Description
Cisco VPN 3000 Concentrator 3.5.3之前的2.2.x,和3.x版本存在漏洞。当XML过滤器配置启用时,该软件添加一个"HTTPS on Public Inbound (XML-Auto)(forward/in)"准则但设置协议为"ANY",最终导致任意通信通过集中器。
CVSS Information
N/A
Vulnerability Type
N/A