漏洞标题
N/A
漏洞描述信息
在ABB VSN300 WiFi Logger Card versions 1.8.15 and prior,以及VSN300 WiFi Logger Card for React versions 2.1.3 and prior中发现了一个权限、特权和访问控制问题。应用程序未正确限制Guest用户的权限。恶意用户可能能够访问应该被限制的配置文件信息。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
A Permissions, Privileges, and Access Controls issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. The web application does not properly restrict privileges of the Guest account. A malicious user may be able to gain access to configuration information that should be restricted.
CVSS信息
N/A
漏洞类别
权限、特权和访问控制
漏洞标题
ABB VSN300 WiFi Logger Card和VSN300 WiFi Logger Card for React 权限许可和访问控制漏洞
漏洞描述信息
ABB VSN300 WiFi Logger Card和VSN300 WiFi Logger Card for React都是瑞士Asea Brown Boveri(ABB)公司的无线数据记录卡产品。 ABB VSN300 WiFi Logger Card和VSN300 WiFi Logger Card for React中存在安全漏洞,该漏洞源于程序没有正确的限制‘Guest’账户的权限。攻击者可利用该漏洞获取配置文件的访问权限。以下版本受到影响:ABB VSN300 WiFi Logger Card
CVSS信息
N/A
漏洞类别
权限许可和访问控制问题