漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cisco IOS XE Software Guest Shell Unauthorized File System Access Vulnerability
Vulnerability Description
A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could exploit this vulnerability by connecting to an affected device's guest shell, and accessing or modifying restricted files. A successful exploit could allow the attacker to view or modify restricted information or configurations that are normally not accessible to system administrators.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
Cisco IOS XE file system permissions 访问控制错误漏洞
Vulnerability Description
Cisco IOS和IOS XE都是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS XE的文件系统权限存在安全漏洞,该漏洞源于受影响的设备上的文件系统权限不足所致。攻击者可利用该漏洞查看或修改系统管理员通常无法访问的受限信息或配置。
CVSS Information
N/A
Vulnerability Type
N/A