Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS XE Software IPsec VPN Denial of Service Vulnerability
Vulnerability Description
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The vulnerability is due to insufficient verification of authenticity of received Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by tampering with ESP cleartext values as a man-in-the-middle.
CVSS Information
N/A
Vulnerability Type
对数据真实性的验证不充分
Vulnerability Title
Cisco 4300 Series Integrated Services Routers和Cisco Catalyst 9800-L Wireless Controllers IOS XE 数据伪造问题漏洞
Vulnerability Description
Cisco IOS XE是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco 4300 Series Integrated Services Routers和Cisco Catalyst 9800-L Wireless Controllers中的Cisco IOS XE IPsec VPN存在数据伪造问题漏洞,该漏洞源于程序未验证接收ESP数据包的真实性。远程攻击者可通过篡改ESP明文值利用该漏洞断开与设备的IPsec VPN会话。
CVSS Information
N/A
Vulnerability Type
N/A