Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Admin Shell Access Vulnerability in Rockwell Automation Verve Asset Manager
Vulnerability Description
A vulnerability exists in the Rockwell Automation Verve Asset Manager due to insufficient variable sanitizing. A portion of the administrative web interface for Verve's Legacy Agentless Device Inventory (ADI) capability (deprecated since the 1.36 release) allows users to change a variable with inadequate sanitizing. If exploited, it could allow a threat actor with administrative access to run arbitrary commands in the context of the container running the service.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Rockwell Automation Verve Asset Manager 安全漏洞
Vulnerability Description
Rockwell Automation Verve Asset Manager是美国罗克韦尔(Rockwell Automation)公司的一个供应商中立的 OT 端点管理平台。 Rockwell Automation Verve Asset Manager 1.39及之前版本存在安全漏洞,该漏洞源于变量清理不足,可能导致特权攻击者执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A