漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
SecurityCenter versions 5.5.0, 5.5.1 and 5.5.2 contain a SQL Injection vulnerability that could be exploited by an authenticated user with sufficient privileges to run diagnostic scans. An attacker could exploit this vulnerability by entering a crafted SQL query into the password field of a diagnostic scan within SecurityCenter. Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tenable SecurityCenter SQL注入漏洞
Vulnerability Description
Tenable SecurityCenter是美国Tenable Network Security公司的一套包含Nessus的漏洞管理平台。该平台可简化漏洞扫描、管理和报告,并提供了一个控制台来管理Nessus的策略、警报、报告和插件。 Tenable SecurityCenter 5.5.0版本、5.5.1版本和5.5.2版本中存在SQL注入漏洞。远程攻击者可通过在SecurityCenter中向诊断扫描的密码字段输入特制的SQL查询利用该漏洞获取未授权的访问权限。
CVSS Information
N/A
Vulnerability Type
N/A