漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cisco Enterprise NFV Infrastructure Software Path Traversal Vulnerability
Vulnerability Description
A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform a directory traversal attack on a limited set of restricted directories. The vulnerability is due to a flaw in the logic that governs directory permissions. An attacker could exploit this vulnerability by using capabilities that are not controlled by the role-based access control (RBAC) mechanisms of the software. A successful exploit could allow the attacker to overwrite files on an affected device.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Cisco Enterprise NFV Infrastructure Software 路径遍历漏洞
Vulnerability Description
Cisco Enterprise NFV Infrastructure Software(NFVIS)是美国思科(Cisco)公司的一套NVF基础架构软件平台。该平台可以通过中央协调器和控制器实现虚拟化服务的全生命周期管理。 Cisco?Enterprise NFV Infrastructure Software (NFVIS) 存在安全漏洞,该漏洞源于网络系统或产品缺乏有效的权限许可和访问控制措施,攻击者可利用该漏洞访问受限目录之外的位置。
CVSS Information
N/A
Vulnerability Type
N/A