Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N-central Authentication Bypass via Session Rebinding
Vulnerability Description
The N-central server is vulnerable to session rebinding of already authenticated users when using Entra SSO, which can lead to authentication bypass. This vulnerability is present in all Entra-supported deployments of N-central prior to 2024.3.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
使用候选路径或通道进行的认证绕过
Vulnerability Title
N‑able N-Central 安全漏洞
Vulnerability Description
N‑able N-Central是N‑able公司的一个功能强大、可定制的远程监控和管理平台。 N‑able N-Central 2024.3 版本之前存在安全漏洞,该漏洞源于使用 Entra SSO 时,容易受到已通过身份验证的用户会话重新绑定的影响,这可能导致身份验证绕过。
CVSS Information
N/A
Vulnerability Type
N/A