Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Security Manager Java Deserialization Vulnerability
Vulnerability Description
A vulnerability in the Java deserialization function used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a malicious serialized Java object to a specific listener on an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the device with the privileges of casuser.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco Security Manager 代码问题漏洞
Vulnerability Description
Cisco Security Manager(CSM)是美国思科(Cisco)公司的一套企业级的管理应用,它主要用于在Cisco网络和安全设备上配置防火墙、VPN和入侵保护安全服务。 Cisco CSM 4.18之前版本中的Java反序列化功能存在代码问题漏洞,该漏洞源于程序没有安全地反序列化用户提交的内容。攻击者可通过发送恶意的序列化Java对象利用该漏洞执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A