Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ICSA-22-053-01 GE Proficy CIMPLICITY-IPM
Vulnerability Description
Exploitation of this vulnerability may result in local privilege escalation and code execution. GE maintains exploitation of this vulnerability is only possible if the attacker has login access to a machine actively running CIMPLICITY, the CIMPLICITY server is not already running a project, and the server is licensed for multiple projects.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
特权管理不恰当
Vulnerability Title
GE Proficy CIMPLICITY-IPM 安全漏洞
Vulnerability Description
GE Proficy CIMPLICITY-IPM是GE的用于本地和云存储和分析。 GE Proficy CIMPLICITY-IPM存在安全漏洞,利用此漏洞可能会导致本地权限提升和代码执行。GE 坚持认为,只有在攻击者能够登录访问正在运行 CIMPLICITY 的机器、CIMPLICITY 服务器尚未运行项目且服务器已获得多个项目许可的情况下,才有可能利用此漏洞。
CVSS Information
N/A
Vulnerability Type
N/A