Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Catalyst Center Unprotected API Endpoint
Vulnerability Description
A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings. This vulnerability is due to the lack of authentication in an API endpoint. An attacker could exploit this vulnerability by sending a request to the affected API of a Catalyst Center device. A successful exploit could allow the attacker to view or modify the outgoing proxy configuration, which could disrupt internet traffic from Cisco Catalyst Center or may allow the attacker to intercept outbound internet traffic.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
Cisco Catalyst Center 访问控制错误漏洞
Vulnerability Description
Cisco Catalyst Center(Cisco DNA Center)是美国思科(Cisco)公司的一个网络管理系统。 Cisco Catalyst Center存在访问控制错误漏洞,该漏洞源于API端点缺少认证,可能导致代理配置修改攻击。
CVSS Information
N/A
Vulnerability Type
N/A