Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Authentication Bypass vulnerability in Accellion kiteworks before 2017.01.00 allows remote attackers to execute certain API calls on behalf of a web user using a gathered token via a POST request to /oauth/token.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Accellion kiteworks 安全漏洞
Vulnerability Description
Accellion kiteworks是美国Accellion公司的一套企业安全文件共享和传输管理平台。 Accellion kiteworks 2017.01.00之前版本中存在身份验证绕过漏洞。远程攻击者可通过向/oauth/token URL发送POST请求利用该漏洞以Web用户身份执行API调用。
CVSS Information
N/A
Vulnerability Type
N/A