Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco SD-WAN Solution Privilege Escalation Vulnerability
Vulnerability Description
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An attacker could exploit this vulnerability by writing a crafted file to the directory where the user group configuration is located in the underlying operating system. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.
CVSS Information
N/A
Vulnerability Type
权限、特权和访问控制
Vulnerability Title
Cisco SD-WAN Solution 权限许可和访问控制问题漏洞
Vulnerability Description
Cisco vBond Orchestrator Software等都是美国思科(Cisco)公司的产品。Cisco vBond Orchestrator Software是一套安全网络扩展管理软件。vEdge 100 Series Routers是一款100系列的路由器产品。SD-WAN Solution是运行在其中的一套网络扩展解决方案。 Cisco SD-WAN Solution 18.4.0之前版本中的用户组群配置存在提权漏洞,该漏洞源于程序没有正确地验证参数。远程攻击者可通过向用户组群配置所在的
CVSS Information
N/A
Vulnerability Type
N/A