Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unauthenticated SubSonic backend access in Ampache
Vulnerability Description
Ampache is a web based audio/video streaming application and file manager. Versions prior to 4.4.1 allow unauthenticated access to Ampache using the subsonic API. To successfully make the attack you must use a username that is not part of the site to bypass the auth checks. For more details and workaround guidance see the referenced GitHub security advisory.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
Ampache 授权问题漏洞
Vulnerability Description
Ampache是一款基于Web的音频/视频应用程序和文件管理器。 Ampache 存在授权问题漏洞,该漏洞允许使用进行未经验证的访问。
CVSS Information
N/A
Vulnerability Type
N/A