exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2023-53943

около 2 месяцев назад

GLPI 9.5.7 contains a username enumeration vulnerability in the lost password recovery mechanism that allows attackers to validate email addresses. Attackers can systematically test email addresses by submitting requests to the password reset endpoint and analyzing response differences to identify valid user accounts.

CVSS3: 5.3

EPSS: Низкий

CVE-2023-53943

около 2 месяцев назад

GLPI 9.5.7 contains a username enumeration vulnerability in the lost password recovery mechanism that allows attackers to validate email addresses. Attackers can systematically test email addresses by submitting requests to the password reset endpoint and analyzing response differences to identify valid user accounts.

CVSS3: 5.3

EPSS: Низкий

CVE-2023-53943

около 2 месяцев назад

GLPI 9.5.7 contains a username enumeration vulnerability in the lost p ...

CVSS3: 5.3

EPSS: Низкий

GHSA-5w2x-g68p-qvmf

около 2 месяцев назад

GLPI 9.5.7 contains a username enumeration vulnerability in the lost password recovery mechanism that allows attackers to validate email addresses. Attackers can systematically test email addresses by submitting requests to the password reset endpoint and analyzing response differences to identify valid user accounts.

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-53943 GLPI 9.5.7 contains a username enumeration vulnerability in the lost password recovery mechanism that allows attackers to validate email addresses. Attackers can systematically test email addresses by submitting requests to the password reset endpoint and analyzing response differences to identify valid user accounts.	CVSS3: 5.3	0% Низкий	около 2 месяцев назад
CVE-2023-53943 GLPI 9.5.7 contains a username enumeration vulnerability in the lost password recovery mechanism that allows attackers to validate email addresses. Attackers can systematically test email addresses by submitting requests to the password reset endpoint and analyzing response differences to identify valid user accounts.	CVSS3: 5.3	0% Низкий	около 2 месяцев назад
CVE-2023-53943 GLPI 9.5.7 contains a username enumeration vulnerability in the lost p ...	CVSS3: 5.3	0% Низкий	около 2 месяцев назад
GHSA-5w2x-g68p-qvmf GLPI 9.5.7 contains a username enumeration vulnerability in the lost password recovery mechanism that allows attackers to validate email addresses. Attackers can systematically test email addresses by submitting requests to the password reset endpoint and analyzing response differences to identify valid user accounts.	CVSS3: 5.3	0% Низкий	около 2 месяцев назад

Уязвимостей на страницу