漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cisco Meeting Management Client-Server Privilege Escalation Vulnerability
Vulnerability Description
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device. This vulnerability exists because proper authorization is not enforced upon REST API users. An attacker could exploit this vulnerability by sending API requests to a specific endpoint. A successful exploit could allow the attacker to gain administrator-level control over edge nodes that are managed by Cisco Meeting Management.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
不充分特权处理不恰当
Vulnerability Title
Cisco Meeting Management 安全漏洞
Vulnerability Description
Cisco Meeting Management(CMM)是美国思科(Cisco)公司的一个 Cisco 本地视频会议平台 Cisco Meeting Server 的管理工具。 Cisco Meeting Management存在安全漏洞,该漏洞源于REST API用户授权不足,导致低权限认证远程攻击者可通过发送API请求到特定端点提升至管理员权限。
CVSS Information
N/A
Vulnerability Type
N/A