Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Application users enumeration in CDeX
Vulnerability Description
This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.This issue affects CDeX application versions through 5.7.1.
CVSS Information
N/A
Vulnerability Type
通过差异性导致的信息暴露
Vulnerability Title
CDeX 安全漏洞
Vulnerability Description
CDeX是CDeX公司的一个免费的软件包。用于从音频 CD 提取数字音频并转换 Microsoft Windows 的音频格式。 CDeX 5.7.1及之前版本存在安全漏洞,该漏洞源于允许攻击者在密码恢复过程中对有效用户进行暴力破解攻击。
CVSS Information
N/A
Vulnerability Type
N/A