Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication between Erlang nodes is done by exchanging a shared secret (aka "magic cookie"). There are cases where the magic cookie is included in the content of the logs. An attacker can use the cookie to attach to an Erlang node and run OS level commands on the system running the Erlang node. Affects version: 6.5.1. Fix version: 6.6.0.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ericsson Erlang 操作系统命令注入漏洞
Vulnerability Description
Ericsson Erlang是瑞典爱立信(Ericsson)公司的一种通用的面向并发的编程语言。 Exposed Erlang 6.5.1版本存在安全漏洞,该漏洞源于暴露的Cookie可能会导致远程命令执行(RCE)攻击。攻击者可利用该漏洞可以使用cookie附加到Erlang节点上,并在运行Erlang节点的系统上运行OS级别的命令。
CVSS Information
N/A
Vulnerability Type
N/A