Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on Cerner Connectivity Engine (CCE) 4 devices. The user running the main CCE firmware has NOPASSWD sudo privileges to several utilities that could be used to escalate privileges to root. One example is the "sudo ln -s /tmp/script /etc/cron.hourly/script" command.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cerner Connectivity Engine 权限许可和访问控制问题漏洞
Vulnerability Description
Cerner Connectivity Engine(CCE)是美国塞纳(Cerner)公司的一款用于医疗行业的连接引擎。该产品主要用于医疗设备与护士呼叫等系统的连接。 Cerner CCE 4版本中存在安全漏洞。攻击者可利用该漏洞将权限提升至root。
CVSS Information
N/A
Vulnerability Type
N/A