Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities
Vulnerability Description
Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Cisco Evolved Programmable Network Manager 操作系统命令注入漏洞
Vulnerability Description
Cisco Evolved Programmable Network Manager是美国思科(Cisco)公司的一套网络管理解决方案。 Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, Cisco Prime Infrastructure 存在安全漏洞。经过身份验证的本地攻击者利用该漏洞可以获取 root 权限。
CVSS Information
N/A
Vulnerability Type
N/A