Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Integrated Management Controller Username Enumeration Vulnerability
Vulnerability Description
A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application. The vulnerability is due to differences in authentication responses sent back from the application as part of an authentication attempt. An attacker could exploit this vulnerability by sending authentication requests to the affected application. A successful exploit could allow the attacker to confirm the names of administrative user accounts for use in further attacks.There are no workarounds that address this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
通过差异性导致的信息暴露
Vulnerability Title
Cisco?Integrated Management Controller 安全漏洞
Vulnerability Description
Cisco?Integrated Management Controller(IMC)是美国思科(Cisco)公司的一个用于服务器管理监控的集成管理软件。 Cisco Integrated Management Controller 存在安全漏洞,该漏洞使攻击者通过枚举的方式易于发现受攻击程序中有效的用户名,成功利用此漏洞可能使攻击者确认用于进一步攻击目标系统的帐户名称。
CVSS Information
N/A
Vulnerability Type
N/A