The HCL Domino AppDev Pack IAM service is susceptible to a User Account Enumeration vulnerability. During a failed login attempt a difference in messages could allow an attacker to determine if the user is valid or not. The attacker could use this information to focus a brute force attack on valid users.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: HCL
Published: 2023-05-23T21:25:09.044Z
Updated: 2024-08-02T12:23:30.867Z
Reserved: 2023-03-10T03:50:27.023Z
Link: CVE-2023-28015
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-05-23T22:15:09.120
Modified: 2024-11-21T07:53:56.123
Link: CVE-2023-28015
Redhat
No data.