Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Vedo Suite 2024.17 is vulnerable to Incorrect Access Control, which allows remote attackers to obtain a valid high privilege JWT token without prior authentication via sending an empty HTTP POST request to the /autologin/ API endpoint.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Bottinelli Informatical Vedo Suite 安全漏洞
Vulnerability Description
Bottinelli Informatical Vedo Suite是意大利Bottinelli Informatica公司的一款面向纺织与设计行业的企业软件套件。 Bottinelli Informatical Vedo Suite 2024.17版本存在安全漏洞,该漏洞源于访问控制不当,可能导致未经身份验证的攻击者获取高权限JWT令牌。
CVSS Information
N/A
Vulnerability Type
N/A