Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Kurmi Provisioning Suite 7.9.0.33. If an X-Forwarded-For header is received during authentication, the Kurmi application will record the (possibly forged) IP address mentioned in that header rather than the real IP address that the user logged in from. This fake IP address can later be displayed in the My Account popup that shows the IP address that was used to log in.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kurmi Provisioning Suite 安全漏洞
Vulnerability Description
Kurmi Provisioning Suite是Kurmi公司的一个基础设施管理套件。 Kurmi Provisioning Suite 7.9.0.33版本存在安全漏洞,该漏洞源于如果在身份验证期间收到 X-Forwarded-For 标头,Kurmi 应用程序会记录该标头中提到的(可能是伪造的)IP 地址,而不是用户登录时使用的真实 IP 地址。
CVSS Information
N/A
Vulnerability Type
N/A