Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco DNA Center Certificate Validation Vulnerability
Vulnerability Description
A vulnerability in the Cisco Identity Services Engine (ISE) integration feature of the Cisco DNA Center Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to an incomplete validation of the X.509 certificate used when establishing a connection between DNA Center and an ISE server. An attacker could exploit this vulnerability by supplying a crafted certificate and could then intercept communications between the ISE and DNA Center. A successful exploit could allow the attacker to view and alter sensitive information that the ISE maintains about clients that are connected to the network.
CVSS Information
N/A
Vulnerability Type
证书验证不恰当
Vulnerability Title
Cisco DNA Center 信任管理问题漏洞
Vulnerability Description
Cisco DNA Center是美国思科(Cisco)公司的一个网络管理和命令中心服务。 Cisco DNA center 存在安全漏洞,该漏洞源于在DNA中心和ISE服务器之间建立连接时使用的X.509证书的不完全验证。攻击者可利用该漏洞提供一个精心制作的证书,然后可以拦截ISE和DNA中心之间的通信,进而查看和修改ISE维护的有关连接到网络的客户端的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A