Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a user of the web application. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected system.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Cisco TelePresence Collaboration Endpoint Software 代码问题漏洞
Vulnerability Description
Cisco TelePresence Collaboration Endpoint Software是美国思科(Cisco)公司的一套协作终端软件。 Cisco TelePresence Collaboration Endpoint (CE)、RoomOS 存在代码问题漏洞,该漏洞源于对用户提供的输入的验证不正确,攻击者利用该漏洞可以绕过访问控制并进行 SSRF攻击。
CVSS Information
N/A
Vulnerability Type
N/A