Описание
WebEOC before 6.0.2 allows remote attackers to obtain valid usernames via the HTML source of the WebEOC login webpage, which could be useful in other attacks such as locking out valid users via brute force methods.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 6.0.1 (включая)
cpe:2.3:a:esi_products:webeoc:*:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00718
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
WebEOC before 6.0.2 allows remote attackers to obtain valid usernames via the HTML source of the WebEOC login webpage, which could be useful in other attacks such as locking out valid users via brute force methods.
EPSS
Процентиль: 72%
0.00718
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other