Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cognex 3D-A1000 Dimensioning System Missing Authentication for Critical Function
Vulnerability Description
The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-306: Missing Authentication for Critical Function, which allows unauthorized users to change the operator account password via webserver commands by monitoring web socket communications from an unauthenticated session. This could allow an attacker to escalate privileges to match those of the compromised account.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
Cognex 3D-A1000 Dimensioning System 访问控制错误漏洞
Vulnerability Description
Cognex 3D-A1000 Dimensioning System是美国Cognex公司的一款紧凑型工业智能相机能够捕捉 3D 和 2D 的移动物体。 Cognex 3D-A1000 Dimensioning System 1.0.3 (3354)版本及之前版本存在访问控制错误漏洞,该漏洞源于关键功能缺少身份验证。攻击者利用该漏洞升级权限。
CVSS Information
N/A
Vulnerability Type
N/A