Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Quanta Computer QOCA aim - Authorization Bypass
Vulnerability Description
The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling the user ID parameter, remote attackers with regular privileges could access certain features as any user, modify any user's account information and privileges, leading to privilege escalation.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Quanta Computer QOCA aim 安全漏洞
Vulnerability Description
Quanta Computer QOCA aim是中国广达电脑(Quanta Computer)公司的一个 AI 辅助医学成像和自动推理平台。 Quanta Computer QOCA aim存在安全漏洞,该漏洞源于存在授权绕过用户控制密钥漏洞,允许具有常规权限的远程攻击者访问任意用户的特定功能并修改账户信息和权限,导致权限升级。
CVSS Information
N/A
Vulnerability Type
N/A