Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Business Logic Error in Universal Software's FlexCity/Kiosk
Vulnerability Description
Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software Inc. FlexCity/Kiosk allows Accessing Functionality Not Properly Constrained by ACLs, Privilege Escalation.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
特权定义了不安全动作
Vulnerability Title
Universal FlexCity/Kiosk 访问控制错误漏洞
Vulnerability Description
Universal FlexCity/Kiosk是土耳其Universal公司的一个智慧城市自助服务终端个系统。 Universal FlexCity/Kiosk 1.0.36之前版本存在访问控制错误漏洞,该漏洞源于特权定义包含不安全操作以及对关键功能缺少身份验证,可能导致访问控制列表未正确约束的功能和权限提升。
CVSS Information
N/A
Vulnerability Type
N/A