Security Advisory

CVE-2019-3990

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-12-03 16:55:15

Last updated 2024-08-04 19:26:27

Assigner tenable

State PUBLISHED

Description

A User Enumeration flaw exists in Harbor. The issue is present in the "/users" API endpoint. This endpoint is supposed to be restricted to administrators. This restriction is able to be bypassed and information can be obtained about registered users can be obtained via the "search" functionality.

← Browse all CVEs View on cve.org ↗