漏洞标题
KylinSoft Kylin-software-properties 更改源访问控制
漏洞描述信息
在KylinOS上的KylinSoft kylin-software-properties中发现了一个漏洞,该漏洞已被宣布为严重。这个漏洞影响了changedSource功能。该操作会导致访问控制不当。攻击需要本地接触。该利用已公开披露,可能会被利用。升级到版本0.0.1-130可以解决这个问题。建议升级受影响的组件。该漏洞的标识符为VDB-230686。注意:供应商在此次披露初期就被联系,但未作任何回应。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
访问控制不恰当
漏洞标题
KylinSoft kylin-software-properties changedSource access control
漏洞描述信息
A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been declared as critical. This vulnerability affects the function changedSource. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 0.0.1-130 is able to address this issue. It is recommended to upgrade the affected component. VDB-230686 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
漏洞类别
访问控制不恰当
漏洞标题
KylinSoft kylin-software-properties 安全漏洞
漏洞描述信息
KylinSoft kylin-software-properties是中国麒麟软件(KylinSoft)公司的一款应用程序。 KylinSoft kylin-software-properties 0.0.1-130之前版本存在安全漏洞,该漏洞源于访问控制不正确。
CVSS信息
N/A
漏洞类别
其他