Security Advisory

CVE-2017-16629

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-11 20:08:19

Last updated 2024-08-05 20:27:04

Assigner mitre

State PUBLISHED

Description

In SapphireIMS 4097_1, it is possible to guess the registered/active usernames of the software from the errors it gives out for each type of user on the Login form. For "Incorrect User" - it gives an error "The application failed to identify the user. Please contact administrator for help." For "Correct User and Incorrect Password" - it gives an error "Authentication failed. Please login again."

← Browse all CVEs View on cve.org ↗