Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. An Observable Response Discrepancy vulnerability in the sendPasswordReinitLink action of the unlogged.do page allows remote attackers to test whether a username is valid or not. This allows confirmation of valid usernames.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kurmi Provisioning Suite 安全漏洞
Vulnerability Description
Kurmi Provisioning Suite是Kurmi公司的一个基础设施管理套件。 Kurmi Provisioning Suite 7.9.0.35之前版本、7.10.x至7.10.0.18版本和7.11.x至7.11.0.15版本存在安全漏洞,该漏洞源于unlogged.do页面的sendPasswordReinitLink操作中存在可观察响应差异漏洞,允许远程攻击者测试用户名是否有效。
CVSS Information
N/A
Vulnerability Type
N/A