Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the registration API endpoint in 42Gears SureMDM before 2018-11-27. An attacker can submit a GET request to /api/register/:email, where :email is a base64 encoded e-mail address, to receive confirmation as to whether a user account exists in the system with the specified e-mail address. The request must be made with an "apiKey" value in the "ApiKey" header.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
42Gears SureMDM 信息泄露漏洞
Vulnerability Description
42Gears Mobility Systems 42Gears SureMDM是美国42Gears Mobility Systems公司的一套用于移动设备的资产管理平台。该平台主要用于监控和管理企业移动设备。 42Gears SureMDM 2018-11-27之前版本中的API endpoint存在信息泄露漏洞。攻击者可通过向/api/register/:email发送GET请求利用该漏洞确定系统中所存在的账户。
CVSS Information
N/A
Vulnerability Type
N/A