Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Umbrella Carriage Return Line Feed Injection Vulnerability
Vulnerability Description
A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to perform a carriage return line feed (CRLF) injection attack against a user of an affected service. The vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user to access a crafted URL. A successful exploit could allow the attacker to inject arbitrary HTTP headers into valid HTTP responses sent to the browser of the user.
CVSS Information
N/A
Vulnerability Type
对CRLF序列的转义处理不恰当(CRLF注入)
Vulnerability Title
Cisco Umbrella 注入漏洞
Vulnerability Description
Cisco Umbrella是美国思科(Cisco)公司的一套云安全平台。该平台能够预防网络钓鱼、恶意软件和勒索软件等网络威胁。 Cisco Umbrella中存在注入漏洞,该漏洞源于程序没有充分验证用户提交的输入。远程攻击者可通过诱使用户访问特制的URL利用该漏洞向发往用户浏览器的HTTP响应中注入任意的HTTP头。
CVSS Information
N/A
Vulnerability Type
N/A