Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack involving a %0d%0aLocation%3a sequence in a URI, or conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCsr09163.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco ASA HTTP响应拆分漏洞
Vulnerability Description
Cisco Adaptive Security Appliances(ASA,自适应安全设备)Software是美国思科(Cisco)公司的一套运行于防火墙中的操作系统。 装有8.1(2)之前版本软件的Cisco5580系列自适应安全设备(ASA)中WebVPN的+webvpn+/index.html存在CRLF注入攻击漏洞。远程攻击者可以注入任意的HTTP头,正如利用URL中含有%0d%0aLocation%3a序列进行重定向攻击,或者通过不明向量进行HTTP响应拆分攻击。
CVSS Information
N/A
Vulnerability Type
N/A