3 matches found
CVE-2014-9577
VDG Security SENSE formerly DIVA 2.3.13 sends the user database when a user logs in, which allows remote authenticated users to obtain usernames and password hashes by logging in to TCP port 51410 and reading the response...
CVE-2014-9577
Affected product/variant: VDG Security SENSE (formerly DIVA) version 2.3.13. Vulnerability type: information disclosure via the login process. Root cause / mechanism: the system sends the user database during login, enabling an authenticated remote user to read the response over TCP port 51410. I...
CVE-2014-9577
VDG Security SENSE formerly DIVA 2.3.13 sends the user database when a user logs in, which allows remote authenticated users to obtain usernames and password hashes by logging in to TCP port 51410 and reading the response...