Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BullWall Server Intrusion Protection RDP MFA connection delay
Vulnerability Description
BullWall Server Intrusion Protection has a noticeable configuration-dependent delay before the MFA check for RDP connections. A remote, authenticated attacker can potentially bypass detection during this delay. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 are affected. Other versions may also be affected.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Vulnerability Title
BullWall Server Intrusion Protection 安全漏洞
Vulnerability Description
BullWall Server Intrusion Protection是丹麦BullWall公司的一个服务器安全软件。 BullWall Server Intrusion Protection 4.6.0.0版本、4.6.0.6版本、4.6.0.7版本和4.6.1.4版本存在安全漏洞,该漏洞源于MFA检查延迟,可能导致特权攻击者在窗口期绕过检测。
CVSS Information
N/A
Vulnerability Type
N/A