Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Industrial Network Director Web Services Management Agent Unauthorized Information Disclosure Vulnerability
Vulnerability Description
A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. The vulnerability is due to insufficient X.509 certificate validation when establishing a WSMA connection. An attacker could exploit this vulnerability by supplying a crafted X.509 certificate during the WSMA connection setup phase. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on WSMA connections to the affected software. At the time of publication, this vulnerability affected Cisco IND Software releases prior to 1.7.
CVSS Information
N/A
Vulnerability Type
加密问题
Vulnerability Title
Cisco Industrial Network Director 信任管理问题漏洞
Vulnerability Description
Cisco Industrial Network Director(IND)是美国思科(Cisco)公司的一套工业自动化管理系统。该系统通过对工业以太网基础设施的可视化操作来实现自动化管理。 Cisco Industrial Network Director 1.7之前版本中的Web Services Management Agent (WSMA)功能存在信任管理问题漏洞,该漏洞源于程序没有充分地验证X.509证书。远程攻击者可借助特制的X.509证书利用该漏洞读取敏感数据。
CVSS Information
N/A
Vulnerability Type
N/A