Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Client-Side Enforcement of Server-Side Security in Delta Electronics DIAEnergie
Vulnerability Description
Privileges are not fully verified server-side, which can be abused by a user with limited privileges to bypass authorization and access privileged functionality.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
服务端安全的客户端实施
Vulnerability Title
Delta Electronics DIAEnergie 授权问题漏洞
Vulnerability Description
Delta Electronics DIAEnergie是中国台湾台达电子(Delta Electronics)公司的一个工业能源管理系统,用于实时监控和分析能源消耗、计算能源消耗和负载特性、优化设备性能、改进生产流程并最大限度地提高能源效率。 Delta Electronics DIAEnergie v1.10.00.005 之前版本存在授权问题漏洞,该漏洞源于未在服务器端进行完全的权限验证,攻击者利用该漏洞可能绕过授权并访问特权功能。
CVSS Information
N/A
Vulnerability Type
N/A