Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Cloud Web Security SQL Injection Vulnerability
Vulnerability Description
A vulnerability in the web UI of Cisco Cloud Web Security (CWS) could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web-based management interface improperly validates SQL values. An authenticated attacker could exploit this vulnerability sending malicious requests to the affected device. An exploit could allow the attacker to modify values on or return values from the underlying database.
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Cisco Cloud Web Security SQL注入漏洞
Vulnerability Description
Cisco Cloud Web Security(CWS)是美国思科(Cisco)公司的一套网络安全防护软件。 Cisco Cloud Web Security(CWS)中的Web UI存在SQL注入漏洞,该漏洞源于Web UI未正确验证SQL值。攻击者可通过发送恶意请求利用该漏洞执行任意的SQL查询。
CVSS Information
N/A
Vulnerability Type
N/A