CVE-2021-36721

Summary

Sysaid API User Enumeration - Attacker sending requests to specific api path without any authorization before 21.3.60 version could get users names from the LDAP server.

Affected Software

VendorProductVersion RangeStatus
SysAidSysAid APISysaid – version 20.4.74 20.4.74affected

Weaknesses

  • User Enumeration

ADP Enrichment

CVE Program Container

Additional References

References