Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco SD-WAN vManage Software XML External Entity Vulnerability
Vulnerability Description
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by persuading a user to import a crafted XML file with malicious entries. A successful exploit could allow the attacker to read and write files within the affected application.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
CVSS Information
N/A
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
Cisco SD-WAN vManage web UI 代码问题漏洞
Vulnerability Description
Cisco?SD-WAN vManage是美国思科(Cisco)公司的一款可提供软件定义网络功能的软件。该软件为网络虚拟化的一种方式。 Cisco SD-WAN vManage 中 web UI 存在代码问题漏洞,成功利用该漏洞可能使攻击者能够在受影响的应用程序中读写文件。
CVSS Information
N/A
Vulnerability Type
N/A