Default credentials

2023-01-1021:15:00

PRIOn knowledge base

www.prio-n.com

talend

administration center

tac-15950

enumeration

accounts

remote attackers

5.4 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.1%

JSON

In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature provides different error messages for invalid reset attempts depending on whether the email address is associated with any account. This allows remote attackers to enumerate accounts via a series of requests.

CPENameOperatorVersion
administration_centereq7.3.1

CPE	Name	Operator	Version
	administration_center	eq	7.3.1

References

excellium-services.com/cert-xlm-advisory/CVE-2022-30332

help.talend.com/r/62tbPt7y~tPTxAB7y7KpeQ/H45WqEF32geNEZiGJnRwmw