Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper authentication in YMS VIS Pro
Vulnerability Description
YMS VIS Pro is an information system for veterinary and food administration, veterinarians and farm. Due to a combination of improper method for system credentials generation and weak password policy, passwords can be easily guessed and enumerated through brute force attacks. Successful attacks can lead to unauthorised access and execution of operations based on assigned user permissions. This vulnerability affects VIS Pro in versions <= 3.3.0.6. This vulnerability has been mitigated by changes in authentication mechanisms and implementation of additional authentication layer and strong password policies.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
弱口令要求
Vulnerability Title
YMS VIS 安全漏洞
Vulnerability Description
YMS VIS是一个面向兽医和食品管理、兽医和农场的信息系统。 YMS VIS Pro 3.3.0.6版本存在安全漏洞,该漏洞源于系统凭证生成方法不当和密码策略薄弱,密码很容易通过暴力攻击被猜测和枚举。
CVSS Information
N/A
Vulnerability Type
N/A