Lucene search
RootSSV:62055HistoryApr 03, 2014 - 12:00 a.m.
Cisco Web Security Appliance HTTP头重定向漏洞
2014-04-0300:00:00
Root
www.seebug.org
6
0.001 Low
EPSS
Percentile
50.6%
CVE ID:CVE-2014-2137
Cisco Web Security Appliance是安全的Web网关,在一个平台上集成了恶意软件防护、应用可视化控制、策略控制等。Cisco IronPort AsyncOS是电子邮件安全设备。
某些关于HTTP头的输入在用来重定向用户之前没有正确验证。这可以被利用来将用户重定向到任意网站。
0
Cisco Web Security Appliance 7.x
Cisco Web Security Appliance 8.x
目前没有详细解决方案:
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2137
Related
cve
cve
CVE-2014-2137
2014-04-02 03:58:17
nvd
nvd
CVE-2014-2137
2014-04-02 03:58:17
cvelist
cvelist
CVE-2014-2137
2014-04-02 01:00:00
cisco
cisco
Cisco WSA HTTP Header Injection Vulnerability
2014-04-01 19:37:11
prion
prion
Crlf injection
2014-04-02 03:58:00