VYPR

User-Enumeration-on-Umanni-RH

by Inflixim4be

CVEs (1)

  • CVE-2020-24008MedAug 26, 2020
    risk 0.35cvss 5.3epss 0.01

    Umanni RH 1.0 has a user enumeration vulnerability. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.