2 matches found
CVE-2024-37028
BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
Finger .@host Unused Account Disclosure
It is possible to force the remote finger daemon to display a list of accounts that have never been used by issuing the request : finger .@target A remote attacker could use this information to guess which operating system is running or mount further attacks against these accounts. C Tenable...