Security Advisory

CVE-2021-34580

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-27 10:25:09

Last updated 2024-09-17 01:41:24

Assigner CERTVDE

State PUBLISHED

Description

In mymbCONNECT24, mbCONNECT24 <= 2.9.0 an unauthenticated user can enumerate valid backend users by checking what kind of response the server sends for crafted invalid login attempts.

← Browse all CVEs View on cve.org ↗