Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Publicly Known Cryptographic Machine Key In Procura Portal Application
Vulnerability Description
Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
CWE-1394
Vulnerability Title
AlayaCare Procura Portal 安全漏洞
Vulnerability Description
AlayaCare Procura是AlayaCare公司的一个面向家庭和社区服务提供的家庭健康软件。 AlayaCare Procura Portal 9.0.1.2之前版本存在安全漏洞。攻击者利用该漏洞伪造自己的身份验证 cookie 并绕过应用程序的身份验证机制。
CVSS Information
N/A
Vulnerability Type
N/A