Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multi Factor Authentication Bypass in various versions of Abacus ERP
Vulnerability Description
A vulnerability within the authentication process of Abacus ERP allows a remote attacker to bypass the second authentication factor. This issue affects: Abacus ERP v2022 versions prior to R1 of 2022-01-15; v2021 versions prior to R4 of 2022-01-15; v2020 versions prior to R6 of 2022-01-15; v2019 versions later than R5 (service pack); v2018 versions later than R5 (service pack). This issue does not affect: Abacus ERP v2019 versions prior to R5 of 2020-03-15; v2018 versions prior to R7 of 2020-04-15; v2017 version and prior versions and prior versions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
认证中关键步骤缺失
Vulnerability Title
Abacus ERP 多个 授权问题漏洞
Vulnerability Description
Abacus ERP是瑞士Abacus公司的一种用于管理和控制商业公司的解决方案。 Abacus ERP 多个版本存在安全漏洞,该漏洞源于身份验证过程存在问题。远程攻击者利用该漏洞可以绕过身份验证因素。
CVSS Information
N/A
Vulnerability Type
N/A