Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cisco Application Control Engine (ACE) before A4(2.3) and A5 before A5(1.1), when multicontext mode is enabled, does not properly share a management IP address among multiple contexts, which allows remote authenticated administrators to bypass intended access restrictions in opportunistic circumstances, and read or modify configuration settings, via a login attempt to a context, aka Bug ID CSCts30631, a different vulnerability than CVE-2012-3058.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco ACE安全绕过漏洞
Vulnerability Description
Cisco ACE Application Control Engine Module是美国思科(Cisco)公司新一代的负载均衡和应用交付解决方案。 Cisco Application Control Engine(ACE) A4(2.3)之前的版本和A5(1.1)之前的A5版本中存在漏洞。当启用multicontext模式时,在多个上下文中未正确分享管理IP地址。远程认证管理者可利用该漏洞通过尝试登陆到上下文在投机情况下绕过目地访问权限,读取或修改配置设置。又名Bug ID CSCts30631。
CVSS Information
N/A
Vulnerability Type
N/A