漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Archer Platform 6.x before 6.14 P1 HF2 (6.14.0.1.2) contains an insecure direct object reference vulnerability. An authenticated malicious user in a multi-instance installation could potentially exploit this vulnerability by manipulating application resource references in user requests to bypass authorization checks, in order to gain execute access to AWF application resources.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L
Vulnerability Type
N/A
Vulnerability Title
Archer Platform 安全漏洞
Vulnerability Description
Archer Platform是Archer公司的一个现代综合风险管理解决方案。 Archer Platform 6.14 P1 HF2 (6.14.0.1.2)之前的6.x版本存在安全漏洞,该漏洞源于允许经过身份验证的攻击者通过操纵用户请求来绕过授权检查,从而获得对AWF应用程序资源的执行访问权限,并利用此漏洞进行攻击。
CVSS Information
N/A
Vulnerability Type
N/A