漏洞标题
Cisco I Oxx应用程序托管环境漏洞
漏洞描述信息
Cisco IOx应用托管环境漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H
漏洞类别
N/A
漏洞标题
Cisco IOx Application Hosting Environment Vulnerabilities
漏洞描述信息
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
漏洞类别
对路径名的限制不恰当(路径遍历)
漏洞标题
Cisco IOS XE Software 路径遍历漏洞
漏洞描述信息
Cisco IOS XE Software是美国思科(Cisco)公司的一个操作系统。用于企业有线和无线访问,汇聚,核心和WAN的单一操作系统,Cisco IOS XE降低了业务和网络的复杂性。 Cisco IOS XE存在路径遍历漏洞。攻击者利用该漏洞通过Application Hosting Environment使用Cisco IOS XE。
CVSS信息
N/A
漏洞类别
路径遍历