In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can enumerate valid users by checking what kind of response the server sends.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2021-08-02T10:24:32.820190Z

Updated: 2024-09-16T22:46:43.672Z

Reserved: 2021-06-10T00:00:00

Link: CVE-2021-34575

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2021-08-02T11:15:11.417

Modified: 2021-08-10T16:51:01.500

Link: CVE-2021-34575

cve-icon Redhat

No data.