AI Score
Confidence
Low
EPSS
Percentile
28.7%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response Discrepancy can occur under the /api/v1/vdeskintegration/user/isenableuser endpoint, the /api/v1/sharedsearch?search={NAME]+{SURNAME] endpoint, and the /login endpoint. The web application provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.
[
{
"cpes": [
"cpe:2.3:a:liveboxcloud:vdesk:-:*:*:*:*:*:*:*"
],
"vendor": "liveboxcloud",
"product": "vdesk",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "v031"
}
],
"defaultStatus": "unknown"
}
]