Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Sysaid – Sysaid System Takeover
Vulnerability Description
Sysaid – Sysaid System Takeover - An attacker can bypass the authentication process by accessing to: /wmiwizard.jsp, Then to: /ConcurrentLogin.jsp, then click on the login button, and it will redirect you to /home.jsp without any authentication.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
Vulnerability Type
N/A
Vulnerability Title
Sysaid Technologies Sysaid 授权问题漏洞
Vulnerability Description
Sysaid Technologies SysAid是以色列Sysaid Technologies公司的一套IT服务管理解决方案。 Sysaid Technologies Sysaid 存在安全漏洞,该漏洞源于应用的身份验证存在问题。攻击者可以通过访问/wmiwizard.jsp,然后访问/ConcurrentLogin.jsp,然后单击登录按钮利用该漏洞绕过身份验证过程。
CVSS Information
N/A
Vulnerability Type
N/A