Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in SolarWinds N-Central 12.3.0.670. The sudo configuration has incorrect access control because the nable web user account is effectively able to run arbitrary OS commands as root (i.e., the use of root privileges is not limited to specific programs listed in the sudoers file).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SolarWinds N-Central 操作系统命令注入漏洞
Vulnerability Description
SolarWinds N-Central是新加坡SolarWinds公司的一个 IT 设备管理平台。该平台可提供主动监视客户网络上的所有内容,而不仅仅是服务器和工作站,并快速进行故障排除,使用MFA,防病毒,集成的端点检测和响应,数据备份,磁盘等功能,始终抵御威胁加密,电子邮件保护和密码管理等。 SolarWinds N-Central 12.3.0.670版本存在安全漏洞,该漏洞源于sudo配置具有不正确的访问控制,因为nable web用户帐户可以作为根用户有效地运行任意OS命令(即根权限的使用不限于
CVSS Information
N/A
Vulnerability Type
N/A