Unrated severityNVD Advisory· Published May 23, 2023· Updated Jan 17, 2025
HCL Domino AppDev Pack is susceptible to a User Account Enumeration vulnerability
CVE-2023-28015
Description
The HCL Domino AppDev Pack IAM service is susceptible to a User Account Enumeration vulnerability. During a failed login attempt a difference in messages could allow an attacker to determine if the user is valid or not. The attacker could use this information to focus a brute force attack on valid users.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: < 1.0.6
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.