2 matches found
CVE-2021-34580
In mymbCONNECT24, mbCONNECT24 = 2.9.0 an unauthenticated user can enumerate valid backend users by checking what kind of response the server sends for crafted invalid login attempts...
CVE-2021-29687
IBM Security Identity Manager 7.0.2 could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts. IBM X-Force ID: 200018...