2 matches found
CVE-2021-34580 Remote user enumeration in mymbCONNECT24, mbCONNECT24 <= 2.9.0
In mymbCONNECT24, mbCONNECT24 = 2.9.0 an unauthenticated user can enumerate valid backend users by checking what kind of response the server sends for crafted invalid login attempts...
CVE-2021-34580
Summary: CVE-2021-34580 affects MB CONNECT LINE mbCONNECT24 (and mbCONNECT24) up to version 2.9.0. An unauthenticated attacker can enumerate valid backend users by observing the server’s response to crafted invalid login attempts. The provided documents describe the vulnerability as a user-enumer...