Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-550; Email Security Appliance devices before 7.1.5-104, 7.3 before 7.3.2-026, 7.5 before 7.5.2-203, and 7.6 before 7.6.3-019; and Content Security Management Appliance devices before 7.2.2-110, 7.7 before 7.7.0-213, and 7.8 and 7.9 before 7.9.1-102 allows remote authenticated users to execute arbitrary commands via crafted command-line input in a URL, aka Bug IDs CSCzv85726, CSCzv44633, and CSCzv24579.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco AsyncOS 代码注入漏洞
Vulnerability Description
Cisco AsyncOS是美国思科(Cisco)公司的一款应用于思科设备的操作系统。 Cisco AsyncOS 中的Web框架中存在代码注入漏洞。远程经过授权的攻击者可通过特制的命令行输入URL利用该漏洞执行任意代码。以下产品及版本中存在该漏洞:Cisco Web Security Appliance设备7.1.3-013之前的版本、7.5.0-838之前的7.5版本、7.7.0-550之前的7.7版本;Email Security Appliance设备7.1.5-104之前的版本、7.3.2-02
CVSS Information
N/A
Vulnerability Type
N/A