6 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-32741
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Attacker is able to determine if the provided username exists and it's valid using Request New Password feature, based on the response time. CVE-2022-32741 Note...
OTRS Multiple Vulnerabilities (OSA-2022-09, OSA-2022-08, OSA-2022-07)
OTRS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrs"; if description...
CVE-2022-32741
Attacker is able to determine if the provided username exists and it's valid using Request New Password feature, based on the response time...
CVE-2022-32741
Attacker is able to determine if the provided username exists and it's valid using Request New Password feature, based on the response time...
UBUNTU-CVE-2022-32741
Attacker is able to determine if the provided username exists and it's valid using Request New Password feature, based on the response time...
CVE-2022-32741
The CVE-2022-32741 entry concerns OTRS (versions 7.x up to 7.0.35 and 8.x up to 8.0.23) where the Request New Password feature can leak valid usernames via response-time differences, enabling user enumeration. The root cause is timing-based information disclosure in the password-reset flow. The p...