Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Small Business Series Switches Session Credentials Replay Vulnerability
Vulnerability Description
A vulnerability in the web-based management interface of multiple Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain unauthorized access to the web-based management interface of an affected device. This vulnerability is due to insufficient expiration of session credentials. An attacker could exploit this vulnerability by conducting a man-in-the-middle attack against an affected device to intercept valid session credentials and then replaying the intercepted credentials toward the same device at a later time. A successful exploit could allow the attacker to access the web-based management interface with administrator privileges.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
不充分的会话过期机制
Vulnerability Title
Cisco Small Business 代码问题漏洞
Vulnerability Description
Cisco Small Business是美国思科(Cisco)公司的一个交换机。 Cisco Small Business 存在代码问题漏洞,该漏洞是由于思科交换机的会话据证验证机制导致。攻击者可利用该漏洞重放有效的用户会话凭据,在未经授权的情况下登录web管理界面。
CVSS Information
N/A
Vulnerability Type
N/A