Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco SD-WAN Software Information Disclosure Vulnerability
Vulnerability Description
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to access sensitive information. This vulnerability is due to improper protections on file access through the CLI. An attacker could exploit this vulnerability by running a CLI command that targets an arbitrary file on the local system. A successful exploit could allow the attacker to return portions of an arbitrary file, possibly resulting in the disclosure of sensitive information.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
通过错误消息导致的信息暴露
Vulnerability Title
Cisco SD-WAN 安全漏洞
Vulnerability Description
Cisco SD-WAN是美国思科(Cisco)公司的一种高度安全的云规模架构,具有开放性、可编程性和可扩展性。 Cisco SD-WAN 存在安全漏洞,该漏洞源于对通过CLI访问文件的保护不当造成的。漏洞可能允许经过身份验证的本地攻击者利用该漏洞访问敏感信息。攻击者可以通过运行针对本地系统上任意文件的CLI命令来利用这个漏洞。成功的攻击可以允许攻击者可利用该漏洞返回任意文件的一部分,可能导致敏感信息的泄露。
CVSS Information
N/A
Vulnerability Type
N/A