Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco SD-WAN vManage Software Information Disclosure Vulnerability
Vulnerability Description
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying file system of the device. This vulnerability is due to insufficient file scope limiting. An attacker could exploit this vulnerability by creating a specific file reference on the file system and then accessing it through the web-based management interface. A successful exploit could allow the attacker to read arbitrary files from the file system of the underlying operating system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
CVSS Information
N/A
Vulnerability Type
在文件访问前对链接解析不恰当(链接跟随)
Vulnerability Title
Cisco SD-WAN vManage 后置链接漏洞
Vulnerability Description
Cisco SD-WAN vManage是美国思科(Cisco)公司的一款可提供软件定义网络功能的软件。该软件为网络虚拟化的一种方式。 Cisco SD-WAN vManage 存在后置链接漏洞,该漏洞源于文件范围限制不足造成的。攻击者可利用该漏洞从底层操作系统的文件系统中读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A