Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The default installation of DocuWare Fulltext Search server through 6.11 allows remote users to connect to and download searchable text from the embedded Solr service, bypassing DocuWare's access control features of the DocuWare user interfaces and API. An attacker can also gain privileges by modifying text. The default installation is unsafe because the server listens on the network interface, not the localhost interface.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
DocuWare Fulltext Search server 安全漏洞
Vulnerability Description
DocuWare Fulltext Search server是德国DocuWare公司的一款全文检索服务器。 DocuWare Fulltext Search server 6.11及之前的版本中存在安全漏洞。远程攻击者可利用该漏洞连接并下载Solr服务中可检索的文本,绕过DocuWare访问控制功能,获取提升的权限。
CVSS Information
N/A
Vulnerability Type
N/A