漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
U.S. GAO EPDS and CBCA EDS network access control bypass
Vulnerability Description
The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) do not validate X-Forwarded-For HTTP headers, allowing a remote attacker with compromised administrator credentials to bypass network access controls and log in.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
通信信道源的不正确验证
Vulnerability Title
Government Accountability Office Electronic Protest Docketing System 授权问题漏洞
Vulnerability Description
Government Accountability Office Electronic Protest Docketing System是美国Government Accountability Office政府部门的一个电子抗议登记系统,主要用于在线提交、管理和跟踪针对美国联邦政府采购合同的异议及抗议案件。 Government Accountability Office Electronic Protest Docketing System存在授权问题漏洞,该漏洞源于未验证X-Forwarded-For
CVSS Information
N/A
Vulnerability Type
N/A