Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
User enumeration
Vulnerability Description
For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This allows an attacker to guess usernames until they find an existing one.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
响应差异性信息暴露
Vulnerability Title
SICK Field Analytics和SICK Media Server 安全漏洞
Vulnerability Description
SICK Field Analytics和SICK Media Server都是德国SICK公司的产品。SICK Field Analytics是一款用于评估制造数据的软件。SICK Media Server是一款媒体服务器。 SICK Field Analytics 和SICK Media Server存在安全漏洞,该漏洞源于登录失败时返回不同错误消息,可能导致用户名枚举攻击。
CVSS Information
N/A
Vulnerability Type
N/A