Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Secure Web Appliance Range Request Bypass Vulnerability
Vulnerability Description
A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint. The vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. A successful exploit could allow the attacker to evade the antivirus scanner and download malware onto the endpoint without detection by Cisco Secure Web Appliance.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco Secure Web Appliance 输入验证错误漏洞
Vulnerability Description
Cisco Secure Web Appliance是美国思科(Cisco)公司的一个应用程序。用于保护网站。 Cisco Secure Web Appliance存在输入验证错误漏洞,该漏洞源于对HTTP请求头处理不当,允许未经身份验证的远程攻击者下载恶意文件。
CVSS Information
N/A
Vulnerability Type
N/A