漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Insertion of Sensitive Information into Log File vulnerability in AVEVA PI to CONNECT Agent
Vulnerability Description
The vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
通过日志文件的信息暴露
Vulnerability Title
AVEVA PI to CONNECT Agent 日志信息泄露漏洞
Vulnerability Description
AVEVA PI to CONNECT Agent是英国AVEVA公司的一个数据传输组件。 AVEVA PI to CONNECT Agent存在日志信息泄露漏洞,该漏洞源于具有事件日志读取器权限的攻击者可获取代理详细信息,可能导致未经授权的代理服务器访问。
CVSS Information
N/A
Vulnerability Type
N/A