CVE-2023-3336

Name of the Vulnerable Software and Affected Versions TN-5900 Series versions 3.3 and prior

Description The issue allows a remote attacker to determine whether a user is valid during password recovery through the web login page, potentially enabling a brute force attack with valid users. This is related to inconsistent responses to incoming requests, which may allow an attacker to gain unauthorized access to protected information.

Recommendations For TN-5900 Series versions 3.3 and prior, consider temporarily restricting access to the web login page to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.