Lucene search
K

5 matches found

CNVD
CNVD
added 2024/03/18 12:0 a.m.18 views

Delinea PAM Secret Server User Enumeration Vulnerability

Delinea PAM Secret Server is a key service manager from Delinea. A user enumeration vulnerability exists in Delinea PAM Secret Server version 11.4, which stems from a significant difference between valid and invalid login attempts, and can be exploited by a remote attacker to determine whether a...

5.3CVSS6.8AI score0.00476EPSS
Exploits0References1
NVD
NVD
added 2024/03/14 3:15 a.m.10 views

CVE-2024-25651

User enumeration can occur in the Authentication REST API in Delinea PAM Secret Server 11.4. This allows a remote attacker to determine whether a user is valid because of a difference in responses from the /oauth2/token endpoint...

5.3CVSS6.5AI score0.00476EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/14 12:0 a.m.18 views

CVE-2024-25651

User enumeration can occur in the Authentication REST API in Delinea PAM Secret Server 11.4. This allows a remote attacker to determine whether a user is valid because of a difference in responses from the /oauth2/token endpoint...

6.9AI score0.00476EPSS
Exploits0References1
OSV
OSV
added 2021/07/09 7:15 p.m.25 views

CVE-2021-32753

EdgeX Foundry is an open source project for building a common open framework for internet-of-things edge computing. A vulnerability exists in the Edinburgh, Fuji, Geneva, and Hanoi versions of the software. When the EdgeX API gateway is configured for OAuth2 authentication and a proxy user is...

6.5CVSS7.1AI score
Exploits0References2
Cvelist
Cvelist
added 2021/07/09 7:5 p.m.43 views

CVE-2021-32753 Weak password in API gateway in EdgeX Foundry Edinburgh, Fuji, Geneva, and Hanoi releases allows remote attackers to obtain authentication token via dictionary-based password attack when OAuth2 authentication method is enabled.

EdgeX Foundry is an open source project for building a common open framework for internet-of-things edge computing. A vulnerability exists in the Edinburgh, Fuji, Geneva, and Hanoi versions of the software. When the EdgeX API gateway is configured for OAuth2 authentication and a proxy user is...

8.3CVSS8.5AI score0.00799EPSS
Exploits0References2
Rows per page
Query Builder