漏洞标题
N/A
漏洞描述信息
在Cisco Prime Infrastructure 3.1之前和Cisco Evolved Programmable Network Manager 1.2.4之前,Cisco的APIWeb界面允许远程验证的用户通过构造的JSON数据绕过预期的限制和获取敏感信息,并因此获得权限,该漏洞被称为CSCuy12409。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID CSCuy12409.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Cisco Prime Infrastructure和Cisco Evolved Programmable Network Manager 安全漏洞
漏洞描述信息
Cisco Prime Infrastructure(PI)和Cisco Evolved Programmable Network Manager(EPNM)都是美国思科(Cisco)公司的产品。PI是一套通过Cisco Prime LAN Management Solution(LMS)和Cisco Prime Network Control System(NCS)技术进行无线管理的解决方案;EPNM是一套网络管理解决方案。 Cisco PI 3.1之前版本和EPNM 1.2.4之前版本的API Web
CVSS信息
N/A
漏洞类别
授权问题