Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CCH Wolters Kluwer ProSystem fx Engagement (aka PFX Engagement) 7.1 and earlier uses weak permissions (Authenticated Users: Modify and Write) for the (1) Pfx.Engagement.WcfServices, (2) PFXEngDesktopService, (3) PFXSYNPFTService, and (4) P2EWinService service files in PFX Engagement\, which allows local users to obtain LocalSystem privileges via a Trojan horse file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CCH Wolters Kluwer PFX Engagement 权限许可和访问控制漏洞
Vulnerability Description
CCH Wolters Kluwer ProSystem fx Engagement(又名PFX Engagement)是荷兰CCH Wolters Kluwer公司的一套会计与审计管理工具。该工具支持创建财务报表、导出报税表、审查税务数据等。 CCH Wolters Kluwer ProSystem fx Engagement 7.1及之前版本中存在安全漏洞,该漏洞源于程序为PFX Engagement\ URI中的Pfx.Engagement.WcfServices、 PFXEngDesktopSer
CVSS Information
N/A
Vulnerability Type
N/A