漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker read and write access to information stored in the affected system as well as perform remote code execution. The attacker must have valid user credentials. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file with malicious entries which could allow the attacker to read and write files and execute remote code within the application, aka XML Injection. Cisco Prime Infrastructure software releases 1.1 through 3.1.6 are vulnerable. Cisco EPNM software releases 1.2, 2.0, and 2.1 are vulnerable. Cisco Bug IDs: CSCvc23894 CSCvc49561.
漏洞信息
N/A
漏洞
输入验证不恰当
漏洞
Cisco Prime Infrastructure和Evolved Programmable Network Manager 安全漏洞
漏洞信息
Cisco Prime Infrastructure(PI)和Cisco Evolved Programmable Network Manager(EPNM)都是美国思科(Cisco)公司的产品。PI是一套通过Cisco Prime LAN Management Solution(LMS)和Cisco Prime Network Control System(NCS)技术进行无线管理的解决方案;EPNM是一套网络管理解决方案。 Cisco PI和EPNM中的基于Web的用户界面存在XML外部实体注入漏洞,
漏洞信息
N/A
漏洞
N/A