Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Solstice Pod before 3.0.3, the web services allow users to connect to them over unencrypted channels via the Browser Look-in feature. An attacker suitably positioned to view a legitimate user's network traffic could record and monitor their interactions with the web services and obtain any information the user supplies, including Administrator passwords and screen keys.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mersive Solstice Pod 授权问题漏洞
Vulnerability Description
Mersive Solstice Pod是美国Mersive公司的一款应用于会议屏幕共享的软件。 Solstice Pod before 3.0.3 存在安全漏洞,该漏洞源于web服务允许用户通过浏览器查看功能,通过未加密的通道连接到它们。能够查看合法用户网络流量的攻击者可利用该漏洞可以记录和监视他们与web服务的交互,并获得用户提供的任何信息,包括管理员密码和屏幕密钥。
CVSS Information
N/A
Vulnerability Type
N/A