Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate users to be locked out of devices or facilitate backdoor account creation by spoofing a device on the local network. Affected Products: EcoStruxure™ Cybersecurity Admin Expert (CAE) (Versions prior to 2.2)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
使用欺骗进行的认证绕过
Vulnerability Title
Schneider Electric EcoStruxure Cybersecurity Admin Expert 安全漏洞
Vulnerability Description
Schneider Electric EcoStruxure Cybersecurity Admin Expert(Schneider Electric EcoStruxure CAE)是法国施耐德电气(Schneider Electric)公司的一个网络安全管理专家。 Schneider Electric EcoStruxure Cybersecurity Admin Expert 2.2之前的版本存在安全漏洞,该漏洞源于其允许攻击者实现身份验证绕过导致合法用户被锁定在设备之外,或通过欺骗本地网络上的设
CVSS Information
N/A
Vulnerability Type
N/A