漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
A vulnerability in the session identification management functionality of the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. The vulnerability exists because the affected software does not assign a new session identifier to a user session when a user authenticates to the web-based GUI. An attacker could exploit this vulnerability by using a hijacked session identifier to connect to the software through the web-based GUI. A successful exploit could allow the attacker to hijack an authenticated user's browser session on the affected system. Cisco Bug IDs: CSCvd14583.
漏洞信息
N/A
漏洞
认证机制不恰当
漏洞
Cisco Integrated Management Controller 安全漏洞
漏洞信息
Cisco Integrated Management Controller(IMC)是美国思科(Cisco)公司的一套用于对UCS(统一计算系统)进行管理的工具,它支持HTTP、SSH访问等,并可对服务器进行开机、关机和重启等操作。 Cisco IMC中的基于Web的GUI的session identification管理功能存在安全漏洞,该漏洞源于程序没有为用户会话分配新的会话标识符。远程攻击者可利用该漏洞劫持有效的用户会话。
漏洞信息
N/A
漏洞
N/A