Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Integrated Management Controller CLI Command Injection Vulnerability
Vulnerability Description
A vulnerability in the CLI of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient validation of user-supplied input at the CLI. An attacker could exploit this vulnerability by authenticating with the administrator password via the CLI of an affected device and submitting crafted input to the affected commands. A successful exploit could allow the attacker to execute arbitrary commands on the device with root privileges.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Cisco Integrated Management Controller 操作系统命令注入漏洞
Vulnerability Description
Cisco Integrated Management Controller(IMC)是美国思科(Cisco)公司的一套用于对UCS(统一计算系统)进行管理的软件。该软件支持HTTP、SSH访问等,并可对服务器进行开机、关机和重启等操作。 Cisco IMC中的CLI存在操作系统命令注入漏洞。攻击者可通过使用管理员密码进行身份验证并发送特制的输入利用该漏洞以root权限执行任意的命令。
CVSS Information
N/A
Vulnerability Type
N/A