Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SysAid - CWE-918: Server-Side Request Forgery (SSRF)
Vulnerability Description
SysAid before version 23.2.14 b18 - CWE-918: Server-Side Request Forgery (SSRF) may allow exposing the local OS user's NTLMv2 hash
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Sysaid Technologies SysAid 代码问题漏洞
Vulnerability Description
Sysaid Technologies SysAid是以色列Sysaid Technologies公司的一套IT服务管理解决方案。 Sysaid Technologies SysAid 23.2.14 b18之前版本存在代码问题漏洞,该漏洞源于存在服务器端请求伪造(SSRF),可能允许暴露本地操作系统用户的NTLMv2哈希。
CVSS Information
N/A
Vulnerability Type
N/A