Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Email Security Appliance Information Disclosure Vulnerability
Vulnerability Description
A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to insufficient validation of requests that are sent to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the interface of an affected device. A successful exploit could allow the attacker to obtain the IP addresses that are configured on the internal interfaces of the affected device. There is a workaround that addresses this vulnerability.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco AsyncOS 输入验证错误漏洞
Vulnerability Description
Cisco Email Security Appliance(ESA)是美国思科(Cisco)公司的一个电子邮件安全设备。 Cisco AsyncOS的Web管理界面中存在安全漏洞,该漏洞源于基于Web的管理界面身份验证强度不足,允许远程攻击者访问受影响设备上的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A