Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Fresenius Kabi Agilia Connect Infusion System exposure of information through directory listing
Vulnerability Description
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 has the option for automated indexing (directory listing) activated. When accessing a directory, a web server delivers its entire content in HTML form. If an index file does not exist and directory listing is enabled, all content of the directory will be displayed, allowing an attacker to identify and access files on the server.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
通过目录枚举导致的信息暴露
Vulnerability Title
Fresenius Kabi Agilia Connect Infusion System 信息泄露漏洞
Vulnerability Description
Fresenius Kabi Agilia Connect Infusion System是德国Fresenius Kabi公司的一个输液系统。 Fresenius Kabi Agilia Connect Infusion System存在安全漏洞,该漏洞源于Vigilant API有激活自动索引(目录列表)的选项。当访问一个目录时,web服务器以HTML的形式传递它的全部内容。如果索引文件不存在,并且启用了目录列表功能,则会显示目录的所有内容,使攻击者可利用该漏洞能够识别并访问服务器上的文件。
CVSS Information
N/A
Vulnerability Type
N/A