VYPR
Unrated severityNVD Advisory· Published Dec 14, 2021· Updated Sep 16, 2024

Sysaid - Sysaid API User Enumeration

CVE-2021-36721

Description

Sysaid API User Enumeration - Attacker sending requests to specific api path without any authorization before 21.3.60 version could get users names from the LDAP server.

Affected products

2
  • Sysaid/Sysaidllm-fuzzy2 versions
    <21.3.60+ 1 more
    • (no CPE)range: <21.3.60
    • (no CPE)range: Sysaid – version 20.4.74 20.4.74

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.