Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a directory traversal attack and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to write arbitrary files on the affected system.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco?SD-WAN vManage Software 输入验证错误漏洞
Vulnerability Description
Cisco?SD-WAN vManage是美国思科(Cisco)公司的一款可提供软件定义网络功能的软件。该软件为网络虚拟化的一种方式。 Cisco?SD-WAN vManage Software 存在安全漏洞,该漏洞源于对HTTP请求的验证不足。攻击者可利用该漏洞在受影响的系统上写入任意文件。
CVSS Information
N/A
Vulnerability Type
N/A