Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Web Security Appliance and Cisco Content Security Management Appliance HTTP Header Injection Vulnerability
Vulnerability Description
A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user to access a crafted URL and receive a malicious HTTP response. A successful exploit could allow the attacker to inject arbitrary HTTP headers into valid HTTP responses sent to a user's browser.
CVSS Information
N/A
Vulnerability Type
HTTP头部中CRLF序列转义处理不恰当(HTTP响应分割)
Vulnerability Title
Cisco Web Security Appliance和Content Security Management Appliance AsyncOS 注入漏洞
Vulnerability Description
Cisco Content Security Management Appliance(SMA)和Cisco Web Security Appliance(WSA)都是美国思科(Cisco)公司的产品。Cisco Content Security Management Appliance是一套内容安全管理设备。该设备主要用于管理电子邮件和Web安全设备的所有策略、报告、审计信息等。Cisco Web Security Appliance是一款Web安全设备。该设备提供基于SaaS的访问控制、实时网络报告和
CVSS Information
N/A
Vulnerability Type
N/A