Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Mirion Medical EC2 Software NMIS BioDose Incorrect Permission Assignment for Critical Resource
Vulnerability Description
NMIS/BioDose V22.02 and previous versions rely on a Microsoft SQL Server database. The SQL user account 'nmdbuser' and other created accounts by default have the sysadmin role. This can lead to remote code execution through the use of certain built-in stored procedures.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
Mirion Medical EC2 Software NMIS BioDose 安全漏洞
Vulnerability Description
Mirion Medical EC2 Software NMIS BioDose是德国Mirion Medical公司的一个管理和分析生物剂量测定数据的软件。 Mirion Medical EC2 Software NMIS BioDose V22.02及之前版本存在安全漏洞,该漏洞源于SQL账户默认具有sysadmin角色,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A