漏洞标题
N/A
漏洞描述信息
在Tecnomatix Plant Simulation V2302(所有低于V2302.0021的版本)和Tecnomatix Plant Simulation V2404(所有低于V2404.0010的版本)中发现了一个漏洞。受影响的应用程序未能正确限制对文件删除功能的访问。
这可能会允许未经授权的攻击者删除文件,即使系统访问应被禁止,也可能导致数据丢失或系统文件的未经授权的修改。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
关键资源的不正确权限授予
漏洞标题
N/A
漏洞描述信息
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application does not properly restrict access to the file deletion functionality.
This could allow an unauthorized attacker to delete files even when access to the system should be prohibited, resulting in potential data loss or unauthorized modification of system files.
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
漏洞类别
对外部实体的文件或目录可访问