Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
An unauthenticated privilege escalation vulnerability affects HCL MyCloud
Vulnerability Description
HCL MyCloud is affected by Improper Access Control - an unauthenticated privilege escalation vulnerability which may lead to information disclosure and potential for Server-Side Request Forgery (SSRF) and Denial of Service(DOS) attacks from unauthenticated users.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
特权管理不恰当
Vulnerability Title
HCL MyCloud 安全漏洞
Vulnerability Description
HCL MyCloud是印度HCL公司的一种混合云生命周期管理产品,可为云基础架构提供最佳治理和监控。 HCL MyCloud 10.8.1版本存在安全漏洞,该漏洞源于访问控制不当,可能导致未经验证的用户进行权限提升、信息泄露、服务端请求伪造和拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A