Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS and IOS XE Software Information Disclosure Vulnerability
Vulnerability Description
A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this vulnerability by using a specific command at the command line. A successful exploit could allow the attacker to obtain read-only access to files that are located on the flash: filesystem that otherwise might not have been accessible.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco IOS 和Cisco IOS XE 输入验证错误漏洞
Vulnerability Description
Cisco IOS和IOS XE都是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS软件和Cisco IOS XE软件的CLI解析器存在安全漏洞,该漏洞源于允许经过身份验证的本地攻击者访问Flash,攻击者可利用该漏洞对位于flash:文件系统上的文件的只读访问权限,否则该文件系统可能无法访问。
CVSS Information
N/A
Vulnerability Type
N/A