Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4(22)MDA5, and 12.4(24)MDA before 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to bypass intended access restrictions and intended billing restrictions by sending HTTP traffic to a restricted destination after sending HTTP traffic to an unrestricted destination, aka Bug ID CSCtk35917.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco IOS安全绕过和拒绝服务漏洞
Vulnerability Description
Cisco IOS是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 1)检查访问策略时存在权限许可和访问控制漏洞。该漏洞可以通过发送特制HTTP包获得对限制站点的访问。 成功利用该漏洞的前提是需要先访问不需要账户的站点。 2)存在一个未明漏洞。该漏洞可以借助特制TCP包导致设备重载或者挂起。 3)存在第二个未明漏洞。该漏洞可以借助特制TCP包导致设备重载或者挂起。 成功利用这些漏洞的前提是需要激活单的内容服务。另外,不需要TCP的三次握手协议。 详情请见发行方的受影响ISO软件列表公告。
CVSS Information
N/A
Vulnerability Type
N/A