Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco SSL/TLS证书及SSH公钥验证漏洞
Vulnerability Description
Cisco CS-MARS可从各种网络设备接收事件日志,关联并分析接收到的安全问题数据,并报告发现;ASDM可为各种Cisco安全设备提供管理和监控服务,为Cisco交换机和路由器提供防火墙服务模块。Cisco CS-MARS和ASDM处理与所管理设备的通讯认证实现上存在漏洞,远程攻击者可能利用此漏洞获得登录凭据之类的敏感信息,或通过冒充被管理设备向受影响的Cisco产品提交错误数据,以影响受影响产品的完整性。如果Cisco CS-MARS和ASDM通过SSL/TLS或SSH连接到所管理设备,就不会验证这
CVSS Information
N/A
Vulnerability Type
N/A