Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1). Affected products do not correctly invalidate user sessions upon user logout. This could allow a remote unauthenticated attacker, who has obtained the session token by other means, to re-use a legitimate user's session even after logout.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
不充分的会话过期机制
Vulnerability Title
Siemens SIMATIC PCS neo 代码问题漏洞
Vulnerability Description
Siemens SIMATIC PCS neo是德国西门子(Siemens)公司的一个分布式控制系统。 Siemens SIMATIC PCS neo存在代码问题漏洞,该漏洞源于用户注销后未正确使会话失效,可能导致会话重用。
CVSS Information
N/A
Vulnerability Type
N/A