Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Seceon aiSIEM before 6.3.2 (build 585) is prone to an unauthenticated account takeover vulnerability in the Forgot Password feature. The lack of correct configuration leads to recovery of the password reset link generated via the password reset functionality, and thus an unauthenticated attacker can set an arbitrary password for any user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Seceon aiSIEM 授权问题漏洞
Vulnerability Description
Seceon aiSIEM是一个全面的网络安全管理平台。可实时可视化、检测和消除威胁,持续改进安全态势、合规监控和报告以及策略管理。 Seceon aiSIEM在6.3.2(构建585)之前存在安全漏洞,该漏洞源于缺乏正确的配置将导致通过密码重置功能生成的密码重置链接的恢复,因此未经身份验证的攻击者可利用该漏洞可以为任何用户设置任意密码。
CVSS Information
N/A
Vulnerability Type
N/A