A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not.
[
{
"cpes": [
"cpe:2.3:a:portainer:portainer:2.19.4:*:*:*:*:*:*:*"
],
"vendor": "portainer",
"product": "portainer",
"versions": [
{
"status": "affected",
"version": "2.19.4"
}
],
"defaultStatus": "unknown"
}
]