exploitDog

GHSA-93m3-4vp5-23qr

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests.

An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests.

Ссылки

EPSS

Процентиль: 85%

0.02609

Низкий

CVE ID

Связанные уязвимости

CVE-2018-15131

CVSS3: 5.3

nvd

больше 6 лет назад

An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests.

EPSS

Процентиль: 85%

0.02609

Низкий

CVE ID