CVE-2023-3897

Summary

Username enumeration is possible through Bypassing CAPTCHA in On-premise SureMDM Solution on Windows deployment allows attacker to enumerate local user information via error message.

This issue affects SureMDM On-premise: 6.31 and below version

Affected Software

VendorProductVersion RangeStatus
Onpremise SureMDM SolutionSureMDM Onpremise6.31affected

Weaknesses

  • CWE-203: CWE-203 Observable Discrepancy

ADP Enrichment

CVE Program Container

Additional References

References