Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
NeuVector 3.1 when configured to allow authentication via Active Directory, does not enforce non-empty passwords which allows an attacker with access to the Neuvector portal to authenticate as any valid LDAP user by providing a valid username and an empty password (provided that the active directory server has not been configured to reject empty passwords).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NeuVector 安全漏洞
Vulnerability Description
NeuVector是美国NeuVector公司的一套端到端的容器安全平台。该平台包括图像漏洞管理、准入控制和容器进程/文件系统保护等功能。 NeuVector 3.1版本中存在安全漏洞。攻击者可借助有效的用户名和空密码利用该漏洞以任意有效的LDAP用户身份进行身份验证。
CVSS Information
N/A
Vulnerability Type
N/A