漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Sparx Enterprise Architect Client reveals plaintext OAuth2 client secret
Vulnerability Description
Insufficiently Protected Credentials vulnerability in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client reveals plaintext OAuth2 client secretDesktop client decodes the secret and uses the plaintext secret to exchange it into an access and id tokens as part of the OpenID authentication flow.
CVSS Information
N/A
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
Sparx Enterprise Architect 安全漏洞
Vulnerability Description
Sparx Enterprise Architect是澳大利亚Sparx公司的一款建模与设计工具。 Sparx Enterprise Architect存在安全漏洞,该漏洞源于凭据保护不足,客户端可能泄露明文OAuth2客户端密钥。
CVSS Information
N/A
Vulnerability Type
N/A