Описание
The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames.
EPSS
Процентиль: 20%
0.00064
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-203
Связанные уязвимости
CVSS3: 5.3
github
12 месяцев назад
The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames.
EPSS
Процентиль: 20%
0.00064
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-203