CVE-2020-28918

CVSS 5.3 MEDIUMEPSS 1.0%

DualShield 5.9.8.0821 allows username enumeration on its login form. A valid username results in prompting for the password, whereas an invalid one will produce an "unknown username" error message.

CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://cds.thalesgroup.com/en/tcs-cert/CVE-2020-28918 https://deepnetsecurity.com/multi-factor-authentication/https://excellium-services.com/cert-xlm-advisory/CVE-2020-28918