Описание
Skybox Manager Client Application is prone to information disclosure via a username enumeration attack. A local unauthenticated attacker could exploit the flaw to obtain valid usernames, by analyzing error messages upon valid and invalid account login attempts.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:skyboxsecurity:skybox_manager_client_application:-:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00262
Низкий
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 3.3
github
больше 3 лет назад
Skybox Manager Client Application is prone to information disclosure via a username enumeration attack. A local unauthenticated attacker could exploit the flaw to obtain valid usernames, by analyzing error messages upon valid and invalid account login attempts.
EPSS
Процентиль: 49%
0.00262
Низкий
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-200