Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS XR Software NETCONF Over Secure Shell ACL Bypass Vulnerability
Vulnerability Description
A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attacker could exploit this vulnerability by connecting to an affected device using NETCONF over SSH. A successful exploit could allow the attacker to connect to the device on the NETCONF port. Valid credentials are required to access the device. This vulnerability does not affect connections to the default SSH process on the device.
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
Cisco IOS XR 访问控制错误漏洞
Vulnerability Description
Cisco IOS XR是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS XR 6.5.1版本和6.5.2版本中的NETCONF over Secure Shell (SSH) 的访问控制逻辑存在访问控制错误漏洞,该漏洞源于NETCONF over SSH访问列表缺少安检查。攻击者可利用该漏洞连接到设备上。
CVSS Information
N/A
Vulnerability Type
N/A