Описание
A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct email address.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.0.3.0 (исключая)
cpe:2.3:a:nicehash:miner:*:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00356
Низкий
3.1 Low
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-209
Связанные уязвимости
github
больше 3 лет назад
A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct email address.
EPSS
Процентиль: 57%
0.00356
Низкий
3.1 Low
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-209