漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cisco Enterprise NFV Infrastructure Software Web-Based Management Interface Authentication Bypass Vulnerability
Vulnerability Description
A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to bypass authentication and get limited access to the web-based management interface. The vulnerability is due to an incorrect implementation of authentication in the web-based management interface. An attacker could exploit this vulnerability by sending a crafted authentication request to the web-based management interface on an affected system. A successful exploit could allow the attacker to view limited configuration details and potentially upload a virtual machine image.
CVSS Information
N/A
Vulnerability Type
认证机制不恰当
Vulnerability Title
Cisco Enterprise NFV Infrastructure Software 授权问题漏洞
Vulnerability Description
Cisco Enterprise NFV Infrastructure Software(NFVIS)是美国思科(Cisco)公司的一套NVF基础架构软件平台。该平台可以通过中央协调器和控制器实现虚拟化服务的全生命周期管理。 Cisco Enterprise NFVIS 3.10.1.之前版本中基于Web的管理界面存在授权问题漏洞,该漏洞源于程序正确的实现身份验证。远程攻击者可通过发送特制的身份验证请求利用该漏洞查看有限的配置详情并可能上传虚拟机镜像。
CVSS Information
N/A
Vulnerability Type
N/A