漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cisco Secure Web Appliance TBD Bypass Vulnerability
Vulnerability Description
A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is due to improper handling of certain archive files. An attacker could exploit this vulnerability by sending a crafted archive file, which should be blocked, through an affected device. A successful exploit could allow the attacker to bypass the anti-malware scanner and download malware onto an end user workstation. The downloaded malware will not automatically execute unless the end user extracts and launches the malicious file.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
Vulnerability Type
下载代码缺少完整性检查
Vulnerability Title
Cisco Secure Web Appliance 安全漏洞
Vulnerability Description
Cisco Secure Web Appliance是美国思科(Cisco)公司的一个应用程序。用于保护网站。 Cisco Secure Web Appliance存在安全漏洞,该漏洞源于动态矢量和流引擎对某些归档文件处理不当,可能导致绕过反恶意软件扫描器。
CVSS Information
N/A
Vulnerability Type
N/A