Security Advisory

CVE-2019-18886

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-11-21 17:41:54

Last updated 2024-08-05 02:02:39

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. The ability to enumerate users was possible due to different handling depending on whether the user existed when making unauthorized attempts to use the switch users functionality. This is related to symfony/security.

← Browse all CVEs View on cve.org ↗