Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to an Authorization Bypass because the Collector component is not properly validating an authenticated session with the Viewer. If the Viewer has been modified (binary patched) and the Bypass Login functionality is being used, an attacker can request every Collector's functionality as if they were a properly logged-in user: administrating connected instances, reviewing logs, editing configurations, accessing the instances' consoles, accessing hardware configurations, etc.Exploiting this vulnerability won't grant an attacker access nor control on remote ISP servers as no credentials is sent with the request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TSMManager Collector 信息泄露漏洞
Vulnerability Description
Tsmmanager TSMManager Collector是美国TSMManager(Tsmmanager)公司的一个可以对分布式存储管理器、Tivoli 存储管理器、磁盘存储管理器进行监视、管理,操作,控制的软件。 JamoDat TSMManager Collector 6.5.0.21版本存在信息泄露漏洞,该漏洞源于收集器组件没有正确地向查看器验证经过身份验证的会话,攻击者可利用该漏洞可以请求每个收集器的功能就像一个正常登录用户:管理连接的情况下,检查日志,编辑配置,访问实例的主机,访问硬件配置
CVSS Information
N/A
Vulnerability Type
N/A