Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Edge Fog Fabric Resource Exposure Vulnerability
Vulnerability Description
A vulnerability in the REST API of Cisco Edge Fog Fabric could allow an authenticated, remote attacker to access files outside of their authorization sphere on an affected device. The vulnerability is due to incorrect authorization enforcement on an affected system. An attacker could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
将资源暴露给错误范围
Vulnerability Title
Cisco?Edge Fog Fabric 授权问题漏洞
Vulnerability Description
Cisco?Edge Fog Fabric是美国思科(Cisco)公司的一个应用于工业环境的微服务架构物联网平台。该平台提供用于高级监视和诊断的新型IoT应用程序,可进行实时质量检测,主动维护和操作智能用例。 Cisco Edge Fog Fabric中的REST API 存在授权问题漏洞,该漏洞是由于在受影响的系统上进行不正确的授权所致,攻击者可以通过向API发送精心设计的请求来利用此漏洞,成功利用此漏洞可能使攻击者覆盖受影响设备上的任意文件。
CVSS Information
N/A
Vulnerability Type
N/A