Unrated severityNVD Advisory· Published Oct 27, 2021· Updated Sep 17, 2024
Remote user enumeration in mymbCONNECT24, mbCONNECT24 <= 2.9.0
CVE-2021-34580
Description
In mymbCONNECT24, mbCONNECT24 <= 2.9.0 an unauthenticated user can enumerate valid backend users by checking what kind of response the server sends for crafted invalid login attempts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<=2.9.0+ 2 more
- (no CPE)range: <=2.9.0
- (no CPE)range: 2.9.0
- (no CPE)range: 2.9.0
Patches
Vulnerability mechanics
References
1- cert.vde.com/en/advisories/VDE-2021-037/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.