4 matches found
CVE-2024-54002
Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Performing a login request against the /api/v1/user/login endpoint with a username that exist in the system takes significantly longer than performing the same...
CVE-2024-54002
creationtimestamp| type| source ---|---|--- 2024-12-04 15:40:42+00:00| seen| https://infosec.exchange/users/cve/statuses/113595307922783526 2024-12-04 17:35:58+00:00| seen| https://t.me/cvedetector/12012...
CVE-2024-54002 Dependency-Track allows enumeration of managed users via /api/v1/user/login endpoint
Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Performing a login request against the /api/v1/user/login endpoint with a username that exist in the system takes significantly longer than performing the same...
CVE-2024-54002 Dependency-Track allows enumeration of managed users via /api/v1/user/login endpoint
Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Performing a login request against the /api/v1/user/login endpoint with a username that exist in the system takes significantly longer than performing the same...