5 matches found
CVE-2019-3990
A User Enumeration flaw exists in Harbor. The issue is present in the "/users" API endpoint. This endpoint is supposed to be restricted to administrators. This restriction is able to be bypassed and information can be obtained about registered users can be obtained via the "search" functionality...
VMware Harbor User Enumeration (CVE-2019-3990)
Binary data vmwareharborCVE-2019-3990direct.nbin...
CVE-2019-3990
A User Enumeration flaw exists in Harbor. The issue is present in the "/users" API endpoint. This endpoint is supposed to be restricted to administrators. This restriction is able to be bypassed and information can be obtained about registered users can be obtained via the "search" functionality...
CVE-2019-3990
A User Enumeration flaw exists in Harbor. The issue is present in the "/users" API endpoint. This endpoint is supposed to be restricted to administrators. This restriction is able to be bypassed and information can be obtained about registered users can be obtained via the "search" functionality...
CVE-2019-3990
Affected product: Harbor (Open Source Harbor registry). Vulnerability: User enumeration via the "/users" API endpoint, which should be administrator-restricted, can be bypassed. Information about registered users can be obtained through the "+search" functionality. Root cause / nature (as describ...