Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A CWE-863: Incorrect Authorization vulnerability exists that could allow remote code execution on upload and install packages when a hacker is using a low privileged user account. Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
授权机制不正确
Vulnerability Title
Schneider Electric StruxureWare Data Center Expert 安全漏洞
Vulnerability Description
Schneider Electric StruxureWare Data Center Expert(StruxureWare数据中心管理专家)是法国施耐德电气(Schneider Electric)公司的一种监控软件。适用于各种组织监控其全公司范围内的电力、制冷、安全、环境。 Schneider Electric StruxureWare Data Center Expert 7.9.2 版本之前存在安全漏洞,该漏洞源于存在允许远程代码执行的错误授权漏洞。
CVSS Information
N/A
Vulnerability Type
N/A