Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The web administration interface in the server in Sybase M-Business Anywhere 6.7 before ESD# 3 and 7.0 before ESD# 7 does not require admin authentication for unspecified scripts, which allows remote authenticated users to list or delete user accounts, modify passwords, or read log files via HTTP requests, aka Bug IDs 678497 and 678499.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sybase M-Business Anywhere安全漏洞
Vulnerability Description
Sybase M-Business Anywhere ESD# 3版本之前的6.7版本与ESD# 7之前的7.0版本中的服务器中的web administration interface中存在漏洞,该漏洞源于未明脚本未要求管理认证。远程认证用户可利用该漏洞借助HTTP请求列出或者删除用户账户,修改密码或者读取日志文件。
CVSS Information
N/A
Vulnerability Type
N/A