← back
CVE-2004-1697

CVE-2004-1697

EPSS 1.5%
The "Forgot your Password" link in Computer Associates (CA) Unicenter Management Portal 2.0 and 3.1 displays different error messages for users that exist and users that do not exist, which could allow remote attackers to guess valid usernames.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=109579952809320&w=2http://secunia.com/advisories/12620https://exchange.xforce.ibmcloud.com/vulnerabilities/17464http://www.securityfocus.com/bid/11229