Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Amin Aliakbari, member of the AXIS OS Bug Bounty Program, has found a broken access control which would lead to less-privileged operator- and/or viewer accounts having more privileges than designed. The risk of exploitation is very low as it requires complex steps to execute, including knowing of account passwords and social engineering attacks in tricking the administrator to perform specific configurations on operator- and/or viewer-privileged accounts. Axis has released patched AXIS OS a version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
授权机制不正确
Vulnerability Title
AXIS OS 安全漏洞
Vulnerability Description
AXIS OS是瑞典安讯士(AXIS)公司的一种边缘设备操作系统。 AXIS OS 11.11版本存在安全漏洞,该漏洞源于访问控制错误。攻击者利用该漏洞可以升级权限。
CVSS Information
N/A
Vulnerability Type
N/A