Username enumeration in present in Tufin SecureTrack. Itβs affecting all versions of SecureTrack. The vendor has decided not to fix this vulnerability. Vendorβs response: βThis attack requires access to the internal network. If an attacker is part of the internal network, they do not require access to TOS to know the usernamesβ.