A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application returns inconsistent error messages in response to invalid user credentials during login session. This allows an attacker to enumerate usernames, and identify valid usernames.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: siemens
Published: 2023-09-12T09:32:25.460Z
Updated: 2024-08-02T18:38:51.252Z
Reserved: 2023-08-21T10:57:08.485Z
Link: CVE-2023-40725
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-09-12T10:15:28.917
Modified: 2023-09-14T16:46:06.480
Link: CVE-2023-40725
Redhat
No data.