Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to the use of an uncontrolled search path element. An attacker could exploit this vulnerability by copying a malicious library file to a specific directory in the filesystem and persuading an administrator to restart a specific process. A successful exploit could allow the attacker to execute arbitrary code on an affected device with root privileges.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Cisco Secure Client 安全漏洞
Vulnerability Description
Cisco Secure Client是美国思科(Cisco)公司的一个用于连接虚拟专用网络的软件。 Cisco Secure Client 存在安全漏洞,该漏洞源于 ISE Posture (System Scan) 模块中存在漏洞,可能允许经过身份验证的本地攻击者提升受影响设备上的权限。
CVSS Information
N/A
Vulnerability Type
N/A