Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS XE NGWC Legacy Wireless Device Manager GUI Cross-Site Request Forgery Vulnerability
Vulnerability Description
A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller (NGWC) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on an affected device by using a web browser and with the privileges of the user.
CVSS Information
N/A
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Cisco IOS XE New Generation Wireless Controller 跨站请求伪造漏洞
Vulnerability Description
Cisco IOS XE是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS XE 3.xE版本中的New Generation Wireless Controller (NGWC)的基于Web的管理界面存在跨站请求伪造漏洞,该漏洞源于程序没有进行充分的跨站请求伪造保护。远程攻击者可通过诱使用户点击特制的链接利用该漏洞执行任意操作。以下产品及版本受到影响:Cisco 5760 Wireless LAN Controllers;Catalyst 3650 Series Swit
CVSS Information
N/A
Vulnerability Type
N/A