Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability
Vulnerability Description
A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
CWE-61
Vulnerability Title
Cisco StarOS for Cisco ASR 5000 Series Routers 后置链接漏洞
Vulnerability Description
Cisco StarOS和Cisco ASR 5000都是美国思科(Cisco)公司的产品。Cisco StarOS是一套虚拟化操作系统。Cisco ASR 5000是一款5000系列网关产品。 Cisco StarOS for Cisco ASR 5000 Series Routers 存在安全漏洞,该漏洞允许经过身份验证的远程攻击者读取受影响设备上的任意文件。该漏洞是由于符号链接的不安全处理造成的。
CVSS Information
N/A
Vulnerability Type
N/A