Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Incorrect authorization for traces request/download in CMC before 25.1.0
Vulnerability Description
An access control vulnerability was discovered in the Request Trace and Download Trace functionalities of CMC before 25.1.0 due to a specific access restriction not being properly enforced for users with limited privileges. An authenticated user with limited privileges can request and download trace files due to improper access restrictions, potentially exposing unauthorized network data.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
授权机制不正确
Vulnerability Title
Nozomi Networks CMC 安全漏洞
Vulnerability Description
Nozomi Networks CMC是美国Nozomi Networks公司的一款网络管理平台。 Nozomi Networks CMC 25.1.0之前版本存在安全漏洞,该漏洞源于访问控制不当,可能导致未经授权的网络数据泄露。
CVSS Information
N/A
Vulnerability Type
N/A