Описание
The authentication manager process in the web framework in Cisco Intrusion Prevention System (IPS) does not properly handle user tokens, which allows remote attackers to cause a denial of service (intermittent MainApp hang) via a crafted management-interface connection request, aka Bug ID CSCuf20148.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:h:cisco:intrusion_prevention_system:*:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01185
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
The authentication manager process in the web framework in Cisco Intrusion Prevention System (IPS) does not properly handle user tokens, which allows remote attackers to cause a denial of service (intermittent MainApp hang) via a crafted management-interface connection request, aka Bug ID CSCuf20148.
EPSS
Процентиль: 78%
0.01185
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-287