Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege escalation when logged in as a non-administrative user.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
使用硬编码的凭证
Vulnerability Title
Schneider Electric EcoStruxure IT Gateway 信任管理问题漏洞
Vulnerability Description
Schneider Electric EcoStruxure IT Gateway是法国施耐德电气(Schneider Electric)公司的一套基于云的数据中心管理即服务(DMaaS)产品。 Schneider Electric EcoStruxure IT Gateway 1.20.x及之前版本存在信任管理问题漏洞,该漏洞源于存在使用硬编码凭据漏洞,当以非管理员用户身份登录时可能会导致本地特权升级。
CVSS Information
N/A
Vulnerability Type
N/A