Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unsecure Identity Verification
Vulnerability Description
The Operating System hosting the FACSChorus application is configured to allow transmission of hashed user credentials upon user action without adequately validating the identity of the requested resource. This is possible through the use of LLMNR, MBT-NS, or MDNS and will result in NTLMv2 hashes being sent to a malicious entity position on the local network. These hashes can subsequently be attacked through brute force and cracked if a weak password is used. This attack would only apply to domain joined systems.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Vulnerability Type
认证机制不恰当
Vulnerability Title
BD FACSChorus 安全漏洞
Vulnerability Description
BD FACSChorus是美国碧迪医疗(BD)公司的一款多通道流式细胞仪系统。 BD FACSChorus 存在安全漏洞,该漏洞源于被配置为允许根据用户操作传输散列用户凭证,而无需充分验证所请求资源的身份。
CVSS Information
N/A
Vulnerability Type
N/A