Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can use methods exposed via this interface to receive password hashes of other users and to change user passwords. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
CVSS Information
N/A
Vulnerability Type
认证机制不恰当
Vulnerability Title
Siemens SPPA-T3000 访问控制错误漏洞
Vulnerability Description
Siemens SPPA-T3000是德国西门子(Siemens)公司的一套主要用于发电厂的分布式控制系统。Application Server是其中的一个应用程序服务器。 Siemens SPPA-T3000 Application Server Service Pack R8.2 SP2之前版本中存在访问控制错误漏洞。攻击者可通过访问Application Highway利用该漏洞接收其他用户的密码哈希值并更改用户密码。
CVSS Information
N/A
Vulnerability Type
N/A