Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file with malicious entries, which could allow the attacker to read and write files and execute remote code within the application. Cisco Bug IDs: CSCvf47946.
CVSS Information
N/A
Vulnerability Type
信息暴露
Vulnerability Title
Cisco SocialMiner 安全漏洞
Vulnerability Description
Cisco SocialMiner是美国思科(Cisco)公司的一套社交媒体呼叫中心解决方案。该解决方案支持社交媒体监控和分析功能。 Cisco SocialMiner中基于Web的用户界面存在XML外部实体注入漏洞,该漏洞源于程序没有正确的处理XML外部实体条目。远程攻击者可诱使管理员导入恶意条目的特制XML文件利用该漏洞读取和写入文件,并执行代码。
CVSS Information
N/A
Vulnerability Type
N/A