Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in Netbox v3.5.1 allows unauthenticated attackers to execute queries against the GraphQL database, granting them access to sensitive data stored in the database. NOTE: the vendor disputes this because the reporter's only query was for the schema of the API, which is public; queries for database objects would have been denied.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NetBox 安全漏洞
Vulnerability Description
NetBox是NetBox社区的一款基于Django、PostgreSql 用于IP地址管理(IPAM)和数据中心基础结构管理(DCIM)的工具。 NetBox v3.5.1版本存在安全漏洞,该漏洞源于允许未经身份验证的攻击者对 GraphQL 数据库执行查询,攻击者利用该漏洞可以访问存储在数据库中的敏感数据。
CVSS Information
N/A
Vulnerability Type
N/A