![]() Underlying OS: Linux (Any), UNIX (macOS/OS X), Windows (Any) Vendor URL: /security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-acpe (Links to External Site) The vendor has assigned bug ID CSCvg19341 to this vulnerability.Īlain Homewood of Insomnia Security reported this vulnerability.Ī remote user can read and write information on the target system with the privileges of the target service. A remote user can conduct XML external entity attacks to read and write information on the target system.Ī remote user can supply specially crafted XML External Entity (XXE) data to exploit a flaw in the Profile Editor to read and write information on the target system with the privileges of the target service. Impact: Disclosure of system information, Disclosure of user information, Modification of system information, Modification of user informationĪ vulnerability was reported in Cisco An圜onnect Secure Mobility Client. ![]() Home | View Topics | Search | Contact Us |Ĭisco An圜onnect Secure Mobility Client Profile Editor XML External Entity Processing Flaw Lets Remote Users Read and Write Information on the Target SystemĬVE Reference: CVE-2018-0100 (Links to External Site) ![]() Cisco An圜onnect Secure Mobility Client Profile Editor XML External Entity Processing Flaw Lets Remote Users Read and Write Information on the Target System - SecurityTracker
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |