Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Identity Services Engine File Download Vulnerability
Vulnerability Description
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative read-only privileges to download files that should be restricted. This vulnerability is due to incorrect permissions settings on an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the device. A successful exploit could allow the attacker to download files that should be restricted.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
特权授予不正确
Vulnerability Title
Cisco Identity Services Engine 安全漏洞
Vulnerability Description
Cisco Identity Services Engine(ISE)是美国思科(Cisco)公司的一款基于身份的环境感知平台(ISE身份服务引擎)。该平台通过收集网络、用户和设备中的实时信息,制定并实施相应策略来监管网络。 Cisco Identity Services Engine (ISE) 存在安全漏洞,该漏洞源于思科身份服务引擎(ISE)基于web的管理界面上存在错误权限设置造成的。攻击者可利用该漏洞向设备发送精心设计的HTTP请求来利用这个漏洞。成功的攻击可以允许攻击者可利用该漏洞下载应该受到
CVSS Information
N/A
Vulnerability Type
N/A