Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The access controls on the Mobility read-only API improperly validate user access permissions. Attackers with both network access to the API and valid credentials can read data from it; regardless of access control group membership settings. This vulnerability is fixed in Mobility v11.76 and Mobility v12.14.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mobility 只读API 安全漏洞
Vulnerability Description
NetMotion Mobility是美国NetMotion公司的一种移动 VPN 软件。用于将企业网络安全地扩展到移动环境。 Mobility 的只读API存在安全漏洞,该漏洞源于访问控制不正确地验证用户访问权限。攻击者可利用该漏洞从API读取数据;无论访问控制组成员身份设置如何。此漏洞在Mobility v11.76和Mobility v12.14中已修复。
CVSS Information
N/A
Vulnerability Type
N/A