N/A

A user enumeration vulnerability flaw was found in Venki Supravizio BPM 10.1.2. This issue occurs during password recovery, where a difference in error messages could allow an attacker to determine if a username is valid or not, enabling a brute-force attack with valid usernames.

N/A

N/A

Venki Supravizio BPM 信息泄露漏洞

Venki Supravizio BPM是巴西Venki公司的一套流程管理解决方案。 Venki Supravizio BPM 10.1.2版本中存在安全漏洞。攻击者可利用该漏洞确定用户名是否有效，进而使用有效的用户名进行暴力攻击。

N/A

N/A