Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco SD-WAN vManage Software XML External Entity Vulnerability
Vulnerability Description
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by persuading a user to import a crafted XML file with malicious entries. A successful exploit could allow the attacker to read and write files within the affected application.
CVSS Information
N/A
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
Cisco SD-WAN vManage Software 代码问题漏洞
Vulnerability Description
Cisco SD-WAN vManage Software是美国思科(Cisco)公司的一款用于SD-WAN(软件定义广域网络)解决方案的管理软件。 Cisco SD-WAN vManage Software 19.2.2及之前版本中的Web UI存在代码问题漏洞,该漏洞源于程序没有正确解析XML外部实体条目。远程攻击者可借助特制XML文件利用该漏洞在受影响的应用程序中读写文件。
CVSS Information
N/A
Vulnerability Type
N/A