Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E (Wireless) Switches, and Cisco New Generation Wireless Controllers (NGWC) 3850 could allow an authenticated, remote attacker to elevate their privileges on an affected device. The vulnerability is due to incomplete input validation of HTTP requests by the affected GUI, if the GUI connection state or protocol changes. An attacker could exploit this vulnerability by authenticating to the Wireless Controller GUI as a Lobby Administrator user of an affected device and subsequently changing the state or protocol for their connection to the GUI. A successful exploit could allow the attacker to elevate their privilege level to administrator and gain full control of the affected device. This vulnerability affects the following Cisco products if they are running Cisco IOS XE Software Release 3.7.0E, 3.7.1E, 3.7.2E, 3.7.3E, 3.7.4E, or 3.7.5E: Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E (Wireless) Switches, Cisco New Generation Wireless Controllers (NGWC) 3850. Cisco Bug IDs: CSCvd73746.
CVSS Information
N/A
Vulnerability Type
权限、特权和访问控制
Vulnerability Title
多款Cisco产品IOS XE Software 权限许可和访问控制漏洞
Vulnerability Description
Cisco 5760 Wireless LAN Controllers等都是美国思科(Cisco)公司的产品。Cisco 5760 Wireless LAN Controllers是一款无线控制器。Catalyst 4500E Supervisor Engine 8-E (Wireless) Switches是一款交换机设备。IOS XE Software是一套使用在其中的操作系统。Wireless Controller GUI是其中的一个无线控制器的图形用户界面。 多款Cisco产品中的IOS XE S
CVSS Information
N/A
Vulnerability Type
N/A