Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Claroty Secure Remote Access Site - Authentication Bypass Using an Alternate Path or Channel
Vulnerability Description
Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions 3.0 through 3.2 allows an attacker with local command line interface access to gain the secret key, subsequently allowing them to generate valid session tokens for the web user interface (UI). With access to the web UI an attacker can access assets managed by the SRA installation and could compromise the installation.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
使用候选路径或通道进行的认证绕过
Vulnerability Title
Claroty Secure Remote Access 安全漏洞
Vulnerability Description
Claroty Secure Remote Access是美国Claroty公司的Claroty 平台的一个核心组件,为 OT 环境提供无摩擦、可靠且高度安全的远程访问。 Claroty Secure Remote Access 存在安全漏洞,该漏洞允许他们为web用户界面(UI)生成有效的会话令牌。
CVSS Information
N/A
Vulnerability Type
N/A