Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Systemic Risk Value <=2.8.0 is vulnerable to improper access control in /RiskValue/GroupingEntities/Controls/GetFile.aspx?ID=. Uploaded files are accessible via a predictable numerical ID parameter, allowing unauthorized users to increment or decrement the ID to access and download files they do not have permission to view.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Systemic RiskValue 安全漏洞
Vulnerability Description
Systemic RiskValue是Systemic公司的一种用于评估金融系统性风险价值的工具或框架。用于测量和分析金融系统性风险可能造成的潜在损失。 Systemic RiskValue 2.8.0及之前版本存在安全漏洞,该漏洞源于GetFile组件访问控制不当,未授权用户可以通过递增或递减ID参数访问和下载无权限查看的文件。
CVSS Information
N/A
Vulnerability Type
N/A