Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ICSA-20-140-02 Emerson OpenEnterprise
Vulnerability Description
Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands with system privileges or perform remote code execution via a specific communication service.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
Emerson Electric OpenEnterprise 访问控制错误漏洞
Vulnerability Description
Emerson Electric OpenEnterprise是美国艾默生电气(Emerson Electric)公司的一套主要用于远程石油和天然气应用的数据采集与监控系统(SCADA)。 Emerson Electric OpenEnterprise 3.3.4及之前版本中存在访问控制错误漏洞。攻击者可利用该漏洞以系统权限执行任意命令或执行代码。
CVSS Information
N/A
Vulnerability Type
N/A