Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-550 allows remote authenticated users to execute arbitrary commands via crafted command-line input in a URL sent over IPv4, aka Bug ID CSCzv69294.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Web Security Appliance Web框架命令注入漏洞
Vulnerability Description
Cisco Web Security Appliance(WSA)是美国思科(Cisco)公司的一套Web安全设备。该设备提供基于SaaS的访问控制、实时网络报告和追踪、制定安全策略等功能。 Cisco Web Security Appliance设备7.1.3-013之前的版本,7.5.0-838之前的7.5版本,7.7.0-550之前的7.7版本中的IronPort AsyncOS中的Web框架中存在漏洞。该漏洞源于未能正确过滤用户提交的特殊的URL,在传递给设备上的命令行接口进行解析时,可导致在运行
CVSS Information
N/A
Vulnerability Type
N/A