Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Microsoft Power Pages Elevation of Privilege Vulnerability
Vulnerability Description
An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. This vulnerability has already been mitigated in the service and all affected customers have been notified. This update addressed the registration control bypass. Affected customers have been given instructions on reviewing their sites for potential exploitation and clean up methods. If you've not been notified this vulnerability does not affect you.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
Microsoft Power Pages 访问控制错误漏洞
Vulnerability Description
Microsoft Power Pages是美国微软(Microsoft)公司的一个安全的企业级低代码 SaaS 平台,用于创建、托管和管理丰富的外部商业网站。 Microsoft Power Pages存在访问控制错误漏洞,该漏洞源于存在不当访问控制漏洞,允许未经授权的攻击者通过网络提升权限,从而可能绕过用户注册控制。
CVSS Information
N/A
Vulnerability Type
N/A