7 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.01 Low
EPSS
Percentile
83.6%
BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names.
CPE | Name | Operator | Version |
---|---|---|---|
bmc:remedy_action_request_system | bmc remedy action request system | eq | 5.01.02_patch_1267 |
osvdb.org/31658
secunia.com/advisories/23775
securityreason.com/securityalert/2162
securitytracker.com/id?1017515
www.alighieri.org/advisories/advisory-remedy50102.txt
www.securityfocus.com/archive/1/456949/100/0/threaded
www.securityfocus.com/archive/1/457078/100/0/threaded
www.securityfocus.com/bid/22066
www.vupen.com/english/advisories/2007/0204
exchange.xforce.ibmcloud.com/vulnerabilities/31527