Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could provide valuable guidance to an attacker.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
通过日志文件的信息暴露
Vulnerability Title
Siemens SINEMA Remote Connect Server 日志信息泄露漏洞
Vulnerability Description
Siemens SINEMA Remote Connect Server是德国西门子(Siemens)公司的一套远程网络管理平台。该平台主要用于远程访问、维护、控制和诊断底层网络。 Siemens SINEMA Remote Connect Server 3.1 之前版本存在安全漏洞,该漏洞源于自定义的 HTTP POST 请求可能会强制应用程序将给定用户的状态写入日志文件,从而暴露敏感的用户信息,从而为攻击者提供有价值的指导。
CVSS Information
N/A
Vulnerability Type
N/A