Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179(Final). The Audit Report module is affected by a blind XXE vulnerability when a new Best Practices Report is saved using a special payload inside the xml input field. The XXE vulnerability is blind since the response doesn't directly display a requested file, but rather returns it inside the name data field when the report is saved. An attacker is able to view restricted operating system files. This issue affects all types of users: administrators or normal users.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tufin SecureTrack Audit Report模块代码问题漏洞
Vulnerability Description
Tufin SecureTrack是一套防火墙策略管理平台。 Tufin SecureTrack 18.1版本(TufinOS 2.16 build 1179(Final)版本)中的Audit Report模块存在代码问题漏洞。该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题。
CVSS Information
N/A
Vulnerability Type
N/A