Описание
The HCL Domino AppDev Pack IAM service is susceptible to a User Account Enumeration vulnerability. During a failed login attempt a difference in messages could allow an attacker to determine if the user is valid or not. The attacker could use this information to focus a brute force attack on valid users.
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.16 (исключая)
cpe:2.3:a:hcl:domino_appdev_pack:*:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.0022
Низкий
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-203
Связанные уязвимости
CVSS3: 5.3
github
больше 2 лет назад
The HCL Domino AppDev Pack IAM service is susceptible to a User Account Enumeration vulnerability. During a failed login attempt a difference in messages could allow an attacker to determine if the user is valid or not. The attacker could use this information to focus a brute force attack on valid users.
EPSS
Процентиль: 44%
0.0022
Низкий
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-203