Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in Industrial Edge Management (All versions < V1.3). An unauthenticated attacker could change the the password of any user in the system under certain circumstances. With this an attacker could impersonate any valid user on an affected system.
CVSS Information
N/A
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Siemens Industrial Edge Management 授权问题漏洞
Vulnerability Description
Siemens Industrial Edge Management是德国西门子(Siemens)公司的一个平台,用于在靠近车间的计算平台上托管来自不同供应商的应用程序。 Siemens Industrial Edge Management 中存在授权问题漏洞,该漏洞源于产品对更改密码缺少有效的权限管理。攻击者在未经身份验证的前提下可通过该漏洞更改任意用户的密码。以下产品及版本受到影响:Industrial Edge Management V1.3 之前版本。
CVSS Information
N/A
Vulnerability Type
N/A