2 matches found
CVE-2020-24008
CVE-2020-24008 affects Umanni RH 1.0. A user enumeration flaw exists in the password recovery flow: messages differ between valid and invalid usernames, potentially enabling brute‑force attempts against valid users. Connected sources do not provide concrete remediation details or explicit exploit...
CVE-2020-24007
CVE-2020-24007 affects Umanni RH 1.0, where the login mechanism does not limit authentication attempts. This unbounded brute-force vulnerability could allow an unauthenticated attacker to repeatedly attempt logins against the Login page, as documented by multiple sources (Red Hat advisory and NVD...