Описание
Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple users have the same username, reveals sensitive information during authentication, which allows remote attackers to identify valid usernames and the authentication scheme.
Ссылки
- PatchVendor AdvisoryURL Repurposed
- PatchVendor AdvisoryURL Repurposed
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:tarantella:secure_global_desktop:enterprise_3.42:*:*:*:*:*:*:*
cpe:2.3:a:tarantella:secure_global_desktop:enterprise_4.0:*:*:*:*:*:*:*
cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*
cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00428
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple users have the same username, reveals sensitive information during authentication, which allows remote attackers to identify valid usernames and the authentication scheme.
EPSS
Процентиль: 62%
0.00428
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other