Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Session ID leakage in Zone.Identifier of downloaded files
Vulnerability Description
The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream (ADS) for all files downloaded from potentially untrusted sources.
CVSS Information
N/A
Vulnerability Type
CWE-1230
Vulnerability Title
CGM CLININET 安全漏洞
Vulnerability Description
CGM CLININET是德国CGM公司的一款医院信息管理系统。 CGM CLININET存在安全漏洞,该漏洞源于会话ID通过NTFS备用数据流泄露。
CVSS Information
N/A
Vulnerability Type
N/A