Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Center for Internet Security CIS-CAT Pro Dashboard before 1.0.4, an authenticated user is able to change an administrative user's e-mail address and send a forgot password email to themselves, thereby gaining administrative access.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Center for Internet Security CIS-CAT Pro Dashboard 访问控制错误漏洞
Vulnerability Description
Center for Internet Security CIS-CAT Pro Dashboard是一套用于在仪表板上显示系统合规性的面板。 Center for Internet Security CIS-CAT Pro Dashboard 1.0.4之前版本中存在访问控制错误漏洞。攻击者可通过更改管理员邮箱地址,并发送密码找回邮件利用该漏洞获取管理员访问权限。
CVSS Information
N/A
Vulnerability Type
N/A