漏洞标题
N/A
漏洞描述信息
在Cisco的CiscoWorks Common Services 4.0中,autologin.jsp的CRLF注入漏洞允许远程攻击者通过URL参数注入任意HTTP头部,并执行HTTP响应分割攻击,此漏洞被称为Bug ID CSCtu18693。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks Common Services 4.0, as used in Cisco Prime LAN Management Solution and other products, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter, aka Bug ID CSCtu18693.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Cisco CiscoWorks Common Services ‘autologin.jsp’ 代码注入漏洞
漏洞描述信息
Cisco CiscoWorks Common Services 4.0版本中的autologin.jsp被用于Cisco Prime LAN Management Solution和其他产品中时存在CRLF注入漏洞。远程攻击者可利用该漏洞借助URL参数注入任意HTTP头进而执行HTTP响应拆分攻击,也称Bug ID CSCtu18693。
CVSS信息
N/A
漏洞类别
代码注入