Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the web-based interface of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to view sensitive information on an affected system. The vulnerability exists because the affected software does not sufficiently protect system software version information when the software responds to HTTP requests that are sent to the web-based interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based interface of the affected software. A successful exploit could allow the attacker to view sensitive information about the software, which the attacker could use to conduct additional reconnaissance attacks. Cisco Bug IDs: CSCvf66155.
CVSS Information
N/A
Vulnerability Type
信息暴露
Vulnerability Title
Cisco Secure Access Control System 信息泄露漏洞
Vulnerability Description
Cisco Secure Access Control System(ACS)是美国思科(Cisco)公司的一套安全访问控制系统。该系统可通过RADIUS、TACACS协议分别对网络访问和网络设备访问进行控制。 Cisco Secure ACS中的基于Web的界面存在信息泄露漏洞,该漏洞源于程序没有充分的保护系统软件版本信息。远程攻击者可通过向基于Web的界面发送特制的HTTP数据包利用该漏洞查看有关该系统软件的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A