Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting malicious arguments into vulnerable commands. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected system. This vulnerability affects the following releases of Cisco Network Services Orchestrator (NSO): 4.1 through 4.1.6.0, 4.2 through 4.2.4.0, 4.3 through 4.3.3.0, 4.4 through 4.4.2.0. Cisco Bug IDs: CSCvf99982.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco Network Services Orchestrator CLI解析器输入验证漏洞
Vulnerability Description
Cisco Network Services Orchestrator(NSO)是美国思科(Cisco)公司的一套网络自动化服务解决方案。CLI parser是其中的一个命令行命令解析器。 Cisco NSO中的CLI解析器存在输入验证漏洞,该漏洞源于程序没有充分的执行输入验证。远程攻击者可通过向易受攻击的命令注入恶意的参数利用该漏洞在受影响系统上以root权限执行任意命令。以下版本受到影响:Cisco Network Services Orchestrator 4.1版本至4.1.6.0版本,4.2版本
CVSS Information
N/A
Vulnerability Type
N/A