Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Blackboard Academic Suite 6.0 and earlier does not properly clear session information when de-authenticating a user who is idle, which allows subsequent users to log in as the previous user and gain privileges. NOTE: the vendor has disputed this issue, saying that "This is a customer specific issue related to their Kerberos authentication single sign-on application and not a vulnerability in the Blackboard product.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Blackboard 学习系统访问确认漏洞
Vulnerability Description
** 存在争议 ** Blackboard Academic Suite 6.0及之前版本在对空闲用户取消身份验证时没有正确清除线程信息。这就使得后续用户能够以之前用户的身份登录并获取权限。注意:厂商对这一问题提出质疑,并说"这是特定于客户的问题,与他们的Kerberos身份验证单一登录应用程序有关,不属于 Blackboard 产品的漏洞。"
CVSS Information
N/A
Vulnerability Type
N/A