Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Vulnerabilities in the My Account and User Management components in CIPPlanner CIPAce before 9.17 allows attackers to escalate their access levels. A low-privileged authenticated user can gain access to other people's accounts by tampering with the client's user id to change their account information. A low-privileged authenticated user can elevate his or her system privileges by modifying the information of a user role that is disabled in the client.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CIPPlanner CIPAce 安全漏洞
Vulnerability Description
CIPPlanner CIPAce是美国CIPPlanner公司的一套业务流程自动化和应用程序开发平台。 CIPPlanner CIPAce 9.17之前版本存在安全漏洞,该漏洞源于My Account和User Management组件存在访问控制缺陷,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A