Описание
In SecurityCenter versions prior to 5.7.0, a username enumeration issue could allow an unauthenticated attacker to automate the discovery of username aliases via brute force, ultimately facilitating unauthorized access. Server response output has been unified to correct this issue.
Ссылки
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.7.0 (исключая)
cpe:2.3:a:tenable:securitycenter:*:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00416
Низкий
8.8 High
CVSS3
3.3 Low
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
In SecurityCenter versions prior to 5.7.0, a username enumeration issue could allow an unauthenticated attacker to automate the discovery of username aliases via brute force, ultimately facilitating unauthorized access. Server response output has been unified to correct this issue.
EPSS
Процентиль: 61%
0.00416
Низкий
8.8 High
CVSS3
3.3 Low
CVSS2
Дефекты
NVD-CWE-noinfo