Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unspecified vulnerability in the tech support diagnostic shell in Cisco Application Extension Platform (AXP) 1.1 and 1.1.5 allows local users to obtain sensitive configuration information and gain administrator privileges via unspecified API calls.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco AXP shell命令行接口权限提升漏洞
Vulnerability Description
Cisco应用扩展平台(AXP)允许在Cisco集成服务路由器(ISR)上托管第三方应用。 Cisco AXP的技术支持诊断shell的命令行接口存在权限提升漏洞,允许通过认证的用户获得对有漏洞Cisco AXP模块的完全管理访问。 通过认证的Cisco AXP用户可使用API在承载AXP模块的Cisco ISR上执行命令。AXP用户可以获得允许获得对ISR设备访问的敏感配置信息。Cisco AXP 1.5版本要求ISR配置中配置了用户,这样AXP用户才可以使用API执行命令。
CVSS Information
N/A
Vulnerability Type
N/A