漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Unisys WebPerfect Image Suite 3.0 NTLMv2 Hash Leakage via .NET Remoting
Vulnerability Description
Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose a deprecated .NET Remoting TCP channel that allows remote unauthenticated attackers to leak NTLMv2 machine-account hashes by supplying a Windows UNC path as a target file argument through object-unmarshalling techniques. Attackers can capture the leaked NTLMv2 hash and relay it to other hosts to achieve privilege escalation or lateral movement depending on network configuration and patch level.
CVSS Information
N/A
Vulnerability Type
未有动机的代理或中间人(混淆代理)
Vulnerability Title
Unisys WebPerfect Image Suite 安全漏洞
Vulnerability Description
Unisys WebPerfect Image Suite是美国Unisys公司的一个企业文档影像处理与管理系统。 Unisys WebPerfect Image Suite 3.0.3960.22810版本和3.0.3960.22604版本存在安全漏洞,该漏洞源于暴露了已弃用的.NET Remoting TCP通道,可能导致远程未经验证的攻击者通过对象反序列化技术泄露NTLMv2机器账户哈希。
CVSS Information
N/A
Vulnerability Type
N/A