漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Vulnerability Type
通过数据查询的敏感数据暴露
Vulnerability Title
Cisco Secure Web Appliance 安全漏洞
Vulnerability Description
Cisco AsyncOS和Cisco Secure Web Appliance都是美国思科(Cisco)公司的产品。Cisco AsyncOS是一款应用于思科设备的操作系统。Cisco Secure Web Appliance是一个应用程序。用于保护网站。 Cisco Secure Web Appliance存在安全漏洞,该漏洞源于允许未经身份验证的攻击者绕过配置规则并接收设备本应拒绝的流量。
CVSS Information
N/A
Vulnerability Type
N/A