漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cisco IOx Application Hosting Environment Command Injection Vulnerability
Vulnerability Description
A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
参数问题
Vulnerability Title
Cisco Iox 操作系统命令注入漏洞
Vulnerability Description
Cisco Iox是美国思科(Cisco)公司的一个结合了Cisco IOS和Linux OS用于安全网络连接以及开发IOT应用的安全开发环境。 Cisco Iox存在安全漏洞,该漏洞源于为激活应用程序而传入的参数未完全清理,攻击者利用该漏洞可以以root用户身份在底层主机操作系统上执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A