Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco ACI Multi-Site Orchestrator Application Services Engine Deployment Authentication Bypass Vulnerability
Vulnerability Description
A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to improper token validation on a specific API endpoint. An attacker could exploit this vulnerability by sending a crafted request to the affected API. A successful exploit could allow the attacker to receive a token with administrator-level privileges that could be used to authenticate to the API on affected MSO and managed Cisco Application Policy Infrastructure Controller (APIC) devices.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
特权管理不恰当
Vulnerability Title
Cisco ACI Multi-Site Orchestrator 安全漏洞
Vulnerability Description
Cisco Application Policy Infrastructure Controller(APIC)是美国思科(Cisco)公司的一款自动化的基础架构部署和治理解决方案。 Cisco ACI Multi-Site Orchestrator 存在安全漏洞,该漏洞允许未经身份验证的远程攻击者可利用该漏洞绕过受影响设备上的身份验证。
CVSS Information
N/A
Vulnerability Type
N/A