Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Agiloft insecure download of system packages
Vulnerability Description
Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
下载代码缺少完整性检查
Vulnerability Title
Agiloft 安全漏洞
Vulnerability Description
Agiloft是美国Agiloft公司的一个合同管理平台。 Agiloft存在安全漏洞,该漏洞源于通过不安全的HTTP连接下载关键系统包,可能导致中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A