漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Improper Input Validation in Bitdefender Endpoint Security Tools for Linux
Vulnerability Description
An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to abuse the DownloadFile function of the Product Update to achieve remote code execution. This issue affects: Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.155.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
下载代码缺少完整性检查
Vulnerability Title
Bitdefender Endpoint Security Tool 输入验证错误漏洞
Vulnerability Description
Bitdefender Endpoint Security Tool是罗马尼亚比特梵德(Bitdefender)公司的一款终端安全管理工具。 Linux Bitdefender Endpoint Security Tools 6.2.21.155之前版本的Product Update 存在输入验证错误漏洞,攻击者利用该漏洞可以滥用Product Update的DownloadFile功能来实现远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A