Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The gadget implementation in Cisco SocialMiner does not properly restrict the content of GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuh74125.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco SocialMiner 小工具权限许可和访问控制漏洞
Vulnerability Description
Cisco SocialMiner是美国思科(Cisco)公司的一套社交媒体呼叫中心解决方案。该解决方案支持社交媒体监控和分析功能。 Cisco SocialMiner中的小工具中存在安全漏洞,该漏洞源于小工具的GET请求中的敏感信息被传送。远程未授权的攻击者可利用该漏洞通过读取(1)web-server访问日志,(2)web-server Referer日志或(3)浏览器历史,获得敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A