Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SICK Incoming Goods Suite privilege escalation vulnerability
Vulnerability Description
A vulnerability in the Incoming Goods Suite allows a user with unprivileged access to the underlying system (e.g. local or via SSH) a privilege escalation to the administrative level due to the usage of component vendor Docker images running with root permissions. Exploiting this misconfiguration leads to the fact that an attacker can gain administrative control. over the whole system.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
带着不必要的权限执行
Vulnerability Title
SICK Incoming Goods Suite 安全漏洞
Vulnerability Description
SICK Incoming Goods Suite是德国西克(SICK)公司的一个物流数字和服务软件。可以手动扫描所有进货,轻松记录货物输入并提高透明度。 SICK Incoming Goods Suite存在安全漏洞,该漏洞源于使用以root权限运行的组件供应商Docker镜像,因此具有底层系统非特权访问权限的用户可获得管理级别权限导致攻击者可以获得对整个系统的管理控制权。
CVSS Information
N/A
Vulnerability Type
N/A