Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Network Services Orchestrator Path Traversal Vulnerability
Vulnerability Description
A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to access sensitive data. This vulnerability exists because the web-management interface and certain HTTP-based APIs do not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to access sensitive files on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
路径遍历:’…/…//’
Vulnerability Title
Cisco?Network Services Orchestrator 安全漏洞
Vulnerability Description
Cisco Network Services Orchestrator(NSO)是美国思科(Cisco)公司的一套网络自动化服务解决方案。 Cisco?Network Services Orchestrator 存在安全漏洞,攻击者可利用该漏洞访问受影响系统上的敏感文件。
CVSS Information
N/A
Vulnerability Type
N/A