Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the logs component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of requests stored in logs in the application management interface. An attacker could exploit this vulnerability by sending malicious requests to the targeted system. An exploit could allow the attacker to conduct cross-site scripting attacks when an administrator views the log files. Cisco Bug IDs: CSCvh11308.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Cisco Identity Services Engine logs组件跨站脚本漏洞
Vulnerability Description
Cisco Identity Services Engine(ISE)是美国思科(Cisco)公司的一款基于身份的环境感知平台(ISE身份服务引擎)。该平台通过收集网络、用户和设备中的实时信息,制定并实施相应策略来监管网络。logs component是其中的一个日志组件。 Cisco ISE中的logs组件存在跨站脚本漏洞,该漏洞源于程序没有充分的验证应用程序管理界面中日志所存储的请求。远程攻击者可通过向目标系统发送恶意的请求利用该漏洞执行任意的脚本代码。
CVSS Information
N/A
Vulnerability Type
N/A