Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cisco Universal Small Cell devices with firmware R2.12 through R3.5 contain an image-decryption key in flash memory, which allows remote attackers to bypass a certain certificate-validation feature and obtain sensitive firmware-image and IP address data via a request to an unspecified Cisco server, aka Bug ID CSCut98082.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Universal Small Cell 安全漏洞
Vulnerability Description
Cisco Universal Small Cell(USC)是美国思科(Cisco)公司的一套集成了3G、LTE和无线网络的端到端的平台。该平台为任何环境提供了合适的网络接入点和高性能移动语音覆盖等功能。 使用R2.12版本至R3.5版本固件的Cisco USC设备中存在安全漏洞,该漏洞源于闪存中包含image-decryption密钥。远程攻击者可通过向Cisco服务器发送请求利用该漏洞绕过certificate-validation功能限制,获取敏感的firmware-image和IP地址数据。
CVSS Information
N/A
Vulnerability Type
N/A