Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.1(1)SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or the discarding of this traffic, by arranging for an arbitrary device to become a cluster member, aka Bug ID CSCub93641.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco IOS 授权问题漏洞
Vulnerability Description
Cisco IOS是美国思科(Cisco)公司为其网络设备开发的操作系统。 Cisco IOS 15.1(1)SY2及之前版本的ipsec-ikev2实现过程中的Flex-VPN load-balancing功能存在安全漏洞,该漏洞源于程序没有执行身份验证操作。远程攻击者可通过安置任意设备成为集群成员利用该漏洞触发VPN流量转发到攻击者控制的程序或丢弃此流量。
CVSS Information
N/A
Vulnerability Type
N/A