Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS XR Software Unauthorized Information Disclosure Vulnerability
Vulnerability Description
A vulnerability in the CLI parser of Cisco IOS XR Software could allow an authenticated, local attacker to view more information than their privileges allow. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this vulnerability by using a specific command at the command line. A successful exploit could allow the attacker to obtain sensitive information within the configuration that otherwise might not have been accessible beyond the privileges of the invoking user.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
通过发送数据的信息暴露
Vulnerability Title
Cisco IOS和Cisco IOS XR 权限许可和访问控制问题漏洞
Vulnerability Description
Cisco IOS XR是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS XR软件的CLI解析器中存在权限许可和访问控制问题漏洞,该漏洞是由于在执行特定命令期间未充分应用限制而引起的。攻击者可以通过在命令行上使用特定命令来利用此漏洞。成功的利用可能使攻击者能够在配置内获取敏感信息,否则这些信息可能无法通过调用用户的权限来访问。
CVSS Information
N/A
Vulnerability Type
N/A