Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
UNAUTHENTICATED SERVER SIDE REQUEST FORGERY IN VEMBU PRODUCTS
Vulnerability Description
Various Vembu products allow an attacker to execute a (non-blind) http-only Cross Site Request Forgery (Other products or versions of products in this family may be affected too.)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
Vembu BDR Suite 跨站请求伪造漏洞
Vulnerability Description
Vembu BDR Suite是一个虚拟机管理系统。 Vembu BDR Suite 中存在跨站请求伪造漏洞,该漏洞源于允许通过指定主机名和端口号的GET请求进行未经验证的SSRF。以下产品及型号会受到影响:Vembu BDR Suite 4.2.0 之前版本。
CVSS Information
N/A
Vulnerability Type
N/A