Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authentication Bypass in Sechard Information Technologies' SecHard
Vulnerability Description
Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Sechard Information Technologies SecHard allows Authentication Bypass, Interface Manipulation, Authentication Abuse, Harvesting Information via API Event Monitoring.This issue affects SecHard: before 3.3.0.20220411.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
特权API的不正确使用
Vulnerability Title
Nebula Informatics SecHard 安全漏洞
Vulnerability Description
Nebula Informatics SecHard是Nebula Informatics公司的一款用于实施零信任架构的多模块软件。 Nebula Informatics SecHard 3.3.0.20220411之前版本存在安全漏洞,该漏洞源于特权API使用不当、敏感信息明文传输和凭据保护不足,可能导致认证绕过和接口操纵。
CVSS Information
N/A
Vulnerability Type
N/A