4 matches found
Design/Logic Flaw
BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names...
CVE-2007-0310
BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names...
CVE-2007-0310
BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names...
CVE-2007-0310
The CVE-2007-0310 entry concerns BMC Remedy Action Request System 5.01.02 Patch 1267. The vulnerability arises because login error messages differ between valid‑username and invalid‑username attempts, allowing remote attackers to enumerate valid account names. Impact stated: attacker can determin...