漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) missing validations
Vulnerability Description
Conjur provides secrets management and application identity for infrastructure. Missing validations in Secrets Manager, Self-Hosted allows authenticated attackers to inject resources into the database and to bypass permission checks. This issue affects Secrets Manager, Self-Hosted (formerly Conjur Enterprise) prior to versions 13.5.1 and 13.6.1 and Conjur OSS prior to version 1.22.1. Conjur OSS version 1.22.1 and Secrets Manager, Self-Hosted versions 13.5.1 and 13.6.1 fix the issue.
CVSS Information
N/A
Vulnerability Type
授权机制缺失
Vulnerability Title
CyberArk Conjur 安全漏洞
Vulnerability Description
CyberArk Conjur是CyberArk开源的一个密钥管理软件。 CyberArk Conjur存在安全漏洞,该漏洞源于验证缺失,可能导致权限绕过。
CVSS Information
N/A
Vulnerability Type
N/A