Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Insufficient Validation on Override Codes for Always-Enabled WARP Mode
Vulnerability Description
Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access to the device, could extend the maximum allowed disconnected time of WARP client granted by an override code by changing the date & time on the local device where WARP is running.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Vulnerability Type
服务端安全的客户端实施
Vulnerability Title
Cloudflare Zero Trust 安全漏洞
Vulnerability Description
Cloudflare Zero Trust是Cloudflare公司的取代了传统的安全边界,为世界各地的团队提供更快、更安全互联网的平台。 Cloudflare Zero Trust 存在安全漏洞,该漏洞源于缺乏服务器端验证,具有设备本地访问权限的攻击者可能会延长客户端授予的最大允许断开连接时间,通过覆盖代码更改运行的本地设备上的日期和时间。
CVSS Information
N/A
Vulnerability Type
N/A