Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:44 a.m.18 views

CVE-2024-21671

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. It is possible to find out usernames from the response time of login requests. This could aid attackers in credential attacks. Version 4.2.0 patches this...

3.7CVSS6.7AI score0.00398EPSS
Exploits0References1
Circl
Circl
added 2024/01/30 5:21 p.m.7 views

CVE-2024-21671

creationtimestamp| type| source ---|---|--- 2024-01-30 17:21:58+00:00| seen| https://t.me/ctinow/176103...

3.7CVSS4.5AI score0.00398EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2024/01/30 4:15 p.m.5 views

vantage6-algorithm-store (>=4.10.0 <=4.15.1rc1), vantage6-node (>=0.0.0 <=4.15.1rc1) +1 more potentially affected by CVE-2024-21671 via vantage6 (>=0.0.0 <=4.1.3)

vantage6 PYPI version =0.0.0, =4.10.0, =0.0.0, =0.0.0, =4.15.1rc1 Source cves: CVE-2024-21671 Source advisory: OSV:PYSEC-2024-31...

3.7CVSS5.4AI score0.00398EPSS
Exploits0
Cvelist
Cvelist
added 2024/01/30 3:43 p.m.40 views

CVE-2024-21671 vantage6 username timing attack

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. It is possible to find out usernames from the response time of login requests. This could aid attackers in credential attacks. Version 4.2.0 patches this...

3.7CVSS4.9AI score0.00398EPSS
Exploits0References2
CVE
CVE
added 2024/01/30 3:43 p.m.69 views

CVE-2024-21671

The CVE-2024-21671 entry describes a username timing attack in the vantage6 login flow. Attackers could infer valid usernames from login response timing, aiding credential-based attacks. The issue is documented for vantage6 and is addressed by upgrading to version 4.2.0, which patches the vulnera...

3.7CVSS4.6AI score0.00398EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder