Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these sessions, aka Bug IDs CSCun94946 and CSCun96847.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco IOS和IOS XE Software 安全绕过漏洞
Vulnerability Description
Cisco IOS和IOS XE Software都是美国思科(Cisco)公司为其网络设备开发的操作系统。Zone-Based Firewall(ZBFW)是其中的一个策略防火墙组件。 Cisco IOS和IOS XE Software中的ZBFW功能存在安全绕过漏洞,该漏洞源于程序没有正确区域检查当前会话的数据流。远程攻击者可利用该漏洞注入和传递伪造的数据流,绕过安全限制,获取资源的未授权访问权限。
CVSS Information
N/A
Vulnerability Type
N/A