CNNVD-202511-995 Information
CNNVD ID
CNNVD-202511-995
Related CVE
- CNNVD Published: 2025-11-11
Description (Chinese)
Siemens Altair Grid Engine是美国Siemens公司的一个分布式资源管理系统。 Siemens Altair Grid Engine V2026.0.0之前版本存在安全漏洞,该漏洞源于错误处理不当,在处理用户身份验证请求时泄露敏感密码哈希信息,可能导致本地攻击者提取特权账户密码哈希并进行离线暴力破解攻击。
Description (English)
Siemens Altair Grid Engineering is a distributed resource management system for Siemens in the United States. The security gap in the previous version of Siemens Altair Grid Engineering V2026.0.0, which resulted from mishandling, leaking sensitive password Hashi information when processing user identification requests, could lead local assailants to extract privileged account password Hashi and carry out offline violent cracking attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
西门子
Published
2025-11-11
Last Modified
2026-02-24
References
https://cert-portal.siemens.com/productcert/html/ssa-514895.html https://access.redhat.com/security/cve/cve-2025-40760
Patch
https://cert-portal.siemens.com/productcert/html/ssa-514895.html
Share on: