漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability
Vulnerability Description
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker with low privileges to overwrite arbitrary files on the local system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system of an affected device. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system. A successful exploit could allow the attacker to bypass file system permissions and overwrite arbitrary files on the affected device.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
在文件访问前对链接解析不恰当(链接跟随)
Vulnerability Title
Cisco ThousandEyes Enterprise Agent 安全漏洞
Vulnerability Description
Cisco ThousandEyes Enterprise Agent是美国思科(Cisco)公司的一个应用程序。提供了扩展的可视性、自动化的见解和无缝的工作流程。 Cisco ThousandEyes Enterprise Agent存在安全漏洞,该漏洞源于本地文件系统访问控制不当,可能导致具有低权限的经过身份验证的本地攻击者覆盖任意文件。
CVSS Information
N/A
Vulnerability Type
N/A