漏洞标题
Cisco小型企业系列交换机开放重定向漏洞
漏洞描述信息
思科小型企业系列交换机开放重定向漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
Cisco Small Business Series Switches Open Redirect Vulnerability
漏洞描述信息
A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user's HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites.
CVSS信息
N/A
漏洞类别
指向未可信站点的URL重定向(开放重定向)
漏洞标题
Cisco Small Business 200、300和500 Switches 输入验证错误漏洞
漏洞描述信息
Cisco Small Business 200 Series Managed Switches等都是美国思科(Cisco)公司的产品。Cisco Small Business 200 Series Managed Switches是一款200系列管理型交换机。Cisco Small Business 300 Series Managed Switches是一款300系列管理型交换机。Cisco Small Business 500 Series Managed Switches是一款500系列管理型交换
CVSS信息
N/A
漏洞类别
输入验证错误