CVE-2023-20229

A vulnerability in the CryptoService function of Cisco Duo Device Health Application for Windows could allow an authenticated, local attacker with low privileges to conduct directory traversal attacks and overwrite arbitrary files on an affected system. This vulnerability is due to insufficient...

PT-2023-4432 · Cisco · Cisco Duo Device Health Application

Name of the Vulnerable Software and Affected Versions: Cisco Duo Device Health Application for Windows affected versions not specified Description: A vulnerability in the CryptoService function could allow an authenticated, local attacker with low privileges to conduct directory traversal attacks...

Cisco Duo 路径遍历漏洞

Cisco Duo is a fully managed solution from Cisco, Inc. It provides secure access to your applications and data. A security vulnerability exists in the Cisco Duo Device Health Application that stems from insufficient validation of input and could allow an authenticated, low-privileged local attack...