CNNVD-202601-3834 Information
CNNVD ID
CNNVD-202601-3834
Related CVE
- CNNVD Published: 2026-01-22
Description (Chinese)
Carrier i-Vu和Carrier Automated Logic WebCTRL都是美国Carrier公司的产品。Carrier i-Vu是一个楼宇管理系统平台。Carrier Automated Logic WebCTRL是一个楼宇自动化系统。 Carrier i-Vu和Carrier Automated Logic WebCTRL 6.0版本至9.0版本存在安全漏洞,该漏洞源于Web会话管理组件以可恢复格式存储密码,可能导致密码重用攻击。
Description (English)
Carrier i-Vu and Carrier Automated Logic WebCTRL are products of the American company Carrier. Carrier i-Vu is a building management system platform. Carrier Automated Logic WebCTRL is a building automation system. Carrier i-Vu and Carrier Automated Logic WebCTRL version 6.0 to 9.0 contains a security loophole that originates from the Web session management component to store the password in a recoverable format, which may lead to a re-use of the password.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Carrier
Published
2026-01-22
Last Modified
2026-02-24
References
https://www.corporate.carrier.com/product-security/advisories-resources/
Share on: