Security Advisory

CVE-2019-11232

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-06-19 16:50:48

Last updated 2024-08-04 22:48:09

Assigner mitre

State PUBLISHED

Description

EXCELLENT INFOTEK BiYan v1.57 ~ v2.8 allows an attacker to leak user information (Password) without being authenticated, by sending an EMP_NO element to the kws_login/asp/query_user.asp URI, and then reading the PWD element.

← Browse all CVEs View on cve.org ↗