Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CloudExplorer Lite permission bypass vulnerability
Vulnerability Description
CloudExplorer Lite is an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter of CloudExplorer Lite uses a controller with path starting with `matching/API/`, which can cause a permission bypass. Version 1.4.1 contains a patch for this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
认证机制不恰当
Vulnerability Title
CloudExplorer Lite 授权问题漏洞
Vulnerability Description
CloudExplorer Lite是CloudExplorer公司的提供开箱即用的云主机管理、云账单、运营分析和安全合规等基本功能,同时还可提供强大的扩展能力以满足企业的定制化需求的平台。 CloudExplorer Lite 1.4.1之前版本存在授权问题漏洞,该漏洞源于存在权限绕过漏洞。
CVSS Information
N/A
Vulnerability Type
N/A