漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Unauthorized Bi-Directional Traffic Interception via L2/L3 Manipulation
Vulnerability Description
A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 (L2) communication restrictions between clients and redirect traffic at Layer 3 (L3). In addition to bypassing policy enforcement, successful exploitation - when combined with a port-stealing attack - may enable a bi-directional Machine-in-the-Middle (MitM) attack.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
HPE Aruba Networking Wireless Operating System 安全漏洞
Vulnerability Description
HPE Aruba Networking Wireless Operating System是美国HPE公司的一个无线网络操作系统。 HPE Aruba Networking Wireless Operating System存在安全漏洞,该漏洞源于客户端隔离机制问题,可能导致攻击者绕过客户端间第2层通信限制并在第3层重定向流量,结合端口窃取攻击可能实现双向中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A