Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An insecure random number generation vulnerability in BlaB! AX, BlaB! AX Pro, BlaB! WS (client), and BlaB! WS Pro (client) version 19.11 allows an attacker (with a guest or user session cookie) to escalate privileges by retrieving the cookie salt value and creating a valid session cookie for an arbitrary user or admin.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BlaB! AX和BlaB! WS 安全漏洞
Vulnerability Description
BlaB! AX和BlaB! WS中安全漏洞。攻击者可通过检索cookie盐值并创建有效的会话利用该漏洞提升权限。以下产品及版本受到影响:BlaB! AX 19.11版本,BlaB! AX Pro 19.11版本;BlaB! WS (client)19.11版本,BlaB! WS Pro (client)19.11版本。
CVSS Information
N/A
Vulnerability Type
N/A