An issue was discovered in EXCELLENT INFOTEK CORPORATION (EIC) E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/get_user_email_info_bbs.asp to obtain the contact information (name and e-mail address) of everyone in the entire organization. This information can allow remote attackers to perform social engineering or brute force attacks against the system login page.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-06-16T11:58:38
Updated: 2024-08-04T00:19:47.910Z
Reserved: 2021-06-14T00:00:00
Link: CVE-2021-34683
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-06-16T12:15:12.793
Modified: 2024-11-21T06:10:56.543
Link: CVE-2021-34683
Redhat
No data.