Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:7715
HistoryNov 09, 2018 - 3:18 a.m.

Information Disclosure

2018-11-0903:18:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

catalina is vulnerable to information disclosure attacks. The vulnerability exists as user enumeration is possible throug the FORM authentication as it does not check if credentials is null.

References

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N