PT-2000-1940 · Cs&T · Cs&T Corporatetime For The Web

Published

2000-12-11

Updated

2017-07-11

CVE-2000-1030

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions CS&T CorporateTime for the Web (affected versions not specified)

Description The issue allows remote attackers to determine valid usernames on the server by exploiting different error messages returned for invalid usernames and invalid passwords.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-1030

Affected Products

Cs&T Corporatetime For The Web

PT-2000-1940 · Cs&T · Cs&T Corporatetime For The Web

CVE-2000-1030

Related Identifiers

Affected Products

References · 4