Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
server/network/protocol/http/OHttpSessionManager.java in the Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 improperly relies on the java.util.Random class for generation of random Session ID values, which makes it easier for remote attackers to predict a value by determining the internal state of the PRNG in this class.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Orient OrientDB Server Community Edition Studio组件信息泄露漏洞
Vulnerability Description
Orient OrientDB Server Community Edition是英国Orient公司的OrientDB(开源的NoSQL数据库管理系统)服务器的一个社区版。Studio是其中的一个web管理界面组件。 Orient OrientDB Server Community Edition 2.0.14及之前的版本和2.1.0版本中的Studio组件的server/network/protocol/http/OHttpSessionManager.java文件中存在安全漏洞,该漏洞源于java.
CVSS Information
N/A
Vulnerability Type
N/A