Cisco Umbrella Enumeration Vulnerability

Cisco Umbrella is a cloud-based security platform from Cisco, a U.S. company. The platform prevents cyber threats such as phishing, malware, and ransomware.An enumeration vulnerability exists in Cisco Umbrella, which stems from an overly descriptive error message appearing on the dashboard when a user attempts to change their email address when a new address already exists on the system. An attacker could exploit the vulnerability to enumerate the email addresses of users on the system.