Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the "is-locked" attribute, and (4) view locked data, which is stored in plaintext.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mathcad 本地用户绕过安全机制漏洞
Vulnerability Description
Mathcad 12版本至13.1版本允许本地用户直接通过文本编辑器或其他类似程序编辑XML的工作表陈述,绕过安全机制,攻击者可以(1)通过替代具有已知密码信息的密码字段绕过密码保护机制,(2)修改时间标记以躲避修改检测,(3)通过删除"is-locked"属性解锁,(4)察看在空白文本中的锁定数据。
CVSS Information
N/A
Vulnerability Type
N/A