Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Under heavy system utilization a random race condition can occur during authentication or token refresh operation. This flaw allows one user to be granted a token intended for another user, resulting in impersonation until the session is ended. This flaw cannot be intentionally exploited due to the required concurring action by two users. However, if the event occurs a user would be inadvertently exposed to another user’s system rights and data access.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
Vulnerability Type
特权上下文切换错误
Vulnerability Title
Wind River Studio Developer 安全漏洞
Vulnerability Description
Wind River Studio Developer是美国Wind River Studio Developer公司的一款具有构建、测试和调试嵌入式系统应用的工具。 Wind River Studio Developer存在安全漏洞,该漏洞源于在高系统负载下身份验证或令牌刷新操作期间可能发生随机竞争条件,可能导致用户被授予其他用户的令牌,造成会话结束前的身份冒充。
CVSS Information
N/A
Vulnerability Type
N/A