Unrated severityNVD Advisory· Published Aug 18, 2007· Updated Jun 16, 2026
CVE-2007-4422
CVE-2007-4422
Description
The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.
Affected products
2cpe:2.3:a:symantec:enterprise_firewall:6:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:symantec:enterprise_firewall:6:*:*:*:*:*:*:*
- (no CPE)range: 6.x
Patches
Vulnerability mechanics
References
7News mentions
0No linked articles in our index yet.