漏洞标题
N/A
漏洞描述信息
Cisco FXOS软件和Cisco UCS Fabric Interconnect软件的CLI解析器中的一个漏洞可能导致 authenticated 本地攻击者在一个受影响的设备上引发缓冲区溢出。该漏洞是由于CLI解析器子系统的错误输入验证。攻击者可以通过超过用户输入的预期长度来利用此漏洞。一个成功的利用可能导致攻击者在受影响的系统上执行无授权代码并具有root权限。该漏洞影响Firepower 4100系列下一代防火墙、Firepower 9300安全设备、UCS 6100系列 Fabric Interconnects、UCS 6200系列 Fabric Interconnects和UCS 6300系列 Fabric Interconnects。Cisco bug ID: CSCvb61099, CSCvb86743。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could exploit this vulnerability by exceeding the expected length of user input. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61099, CSCvb86743.
CVSS信息
N/A
漏洞类别
输入验证不恰当
漏洞标题
多款Cisco产品FXOS Software和UCS Fabric Interconnect Software CLI解析器输入验证错误漏洞
漏洞描述信息
Cisco Firepower 4100 Series Next-Generation Firewall等都是美国思科(Cisco)公司的产品。Cisco Firepower 4100 Series Next-Generation Firewall是一款防火墙产品。UCS 6200 Series Fabric Interconnects是一套专用于Cisco设备的交换机矩阵。FXOS Software是一套运行在思科安全设备中的防火墙软件;UCS Fabric Interconnect Software是
CVSS信息
N/A
漏洞类别
缓冲区错误