Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SSRF In BeyondInsight
Vulnerability Description
Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
BeyondInsight 安全漏洞
Vulnerability Description
BeyondInsight是美国BeyondTrust的一个特权访问管理 (PAM) 报告平台。 BeyondInsight 23.2之前版本存在安全漏洞,该漏洞源于HTTP的连接器执行任意服务器端请求,容易受到服务端请求伪造攻击。
CVSS Information
N/A
Vulnerability Type
N/A