Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Advantech WebAccess SCADA
Vulnerability Description
An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
授权机制缺失
Vulnerability Title
Advantech WebAccess 授权问题漏洞
Vulnerability Description
Advantech WebAccess是中国台湾研华(Advantech)公司的一套基于浏览器架构的HMI/SCADA软件。该软件支持动态图形显示和实时数据控制,并提供远程控制和管理自动化设备的功能。 Advantech WebAccess SCADA 存在授权问题漏洞,该漏洞源于经过身份验证的用户可以使用 API 函数向其他用户公开项目名称和路径。
CVSS Information
N/A
Vulnerability Type
N/A