Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Northern.tech Mender 3.3.x before 3.3.2, 3.5.x before 3.5.0, and 3.6.x before 3.6.0 has Incorrect Access Control and allows users to change their roles and could allow privilege escalation from a low-privileged read-only user to a high-privileged user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Northern.tech Mender 安全漏洞
Vulnerability Description
Northern.tech Mender是美国Northern.tech公司的一个安全可靠的远程更新解决方案。适用于任何规模的连接设备。 Northern.tech Mender存在安全漏洞,该漏洞源于存在错误的访问控制,导致攻击者权限可从低权限只读用户升级到高权限用户。受影响版本如下:3.3.2之前的3.3.x版本、3.5.0之前的3.5.x版本、3.6.0之前的3.6.x版本。
CVSS Information
N/A
Vulnerability Type
N/A