exploitDog

GHSA-h455-phph-2r6j

Опубликовано: 07 мая 2024

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of usernames by observing the response time at the Forgot Password endpoint.

An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of usernames by observing the response time at the Forgot Password endpoint.

Ссылки

EPSS

Процентиль: 58%

0.00368

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-204

Связанные уязвимости

CVE-2024-33856

CVSS3: 5.3

nvd

почти 2 года назад

An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of usernames by observing the response time at the Forgot Password endpoint.

EPSS

Процентиль: 58%

0.00368

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-204