Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the web framework of the Cisco Digital Network Architecture Center (DNA Center) could allow an unauthenticated, remote attacker to communicate with the Kong API server without restriction. The vulnerability is due to an overly permissive Cross Origin Resource Sharing (CORS) policy. An attacker could exploit this vulnerability by convincing a user to follow a malicious link. An exploit could allow the attacker to communicate with the API and exfiltrate sensitive information. Cisco Bug IDs: CSCvh99208.
CVSS Information
N/A
Vulnerability Type
信息暴露
Vulnerability Title
Cisco Digital Network Architecture Center 信息泄露漏洞
Vulnerability Description
Cisco Digital Network Architecture Center(DNA Center)是美国思科(Cisco)公司的一套数字网络体系结构解决方案。该方案能够扩展并保护网络内的设备、应用程序等。 Cisco DNA Center中的Web框架存在信息泄露漏洞,该漏洞源于过度宽松的跨源资源共享(CORS)策略。远程攻击者可通过诱使用户打开链接利用该漏洞与Kong API服务器进行通信并获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A