CNVD-2016-01337 — Vulnetix

CNVD-2016-01337 PUBLISHED

Cisco ACE 4710 Application Control Engine是美国思科（Cisco）公司的一套属于ACE应用交换机系列且用于增加数据中心应用的安全和稳定性的负载均衡和应用交付解决方案。使用A5(3.0)及之前版本A5软件的Cisco ACE 4710 Application Control Engine中存在命令注入漏洞。远程攻击者可通过发送带有CLI命令的HTTP POST请求利用该漏洞绕过role-based access control(RBAC)限制。

Affected Products

Vendor	Product	Versions
	Cisco ACE 4710 Application Control Engine

Timeline

Feb 26, 2016 CVE ID Reserved
Mar 1, 2016 CVE Published

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160224-ace url

Open in Interactive Console →