CVE-2021-34575
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can enumerate valid users by checking what kind of response the server sends.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| MB connect line | mymbCONNECT24 | 2.8.0 <= 2.8.0 | affected |
| MB connect line | mbCONNECT24 | 2.8.0 <= 2.8.0 | affected |
Weaknesses
- CWE-203: CWE-203 Information Exposure Through Discrepancy
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.