CVE-2017-9978

CVE-2017-9978

On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, a flaw was found with the error message sent as a response for users that don’t exist on the system. An attacker could leverage this information to fine-tune and enumerate valid accounts on the system by searching for common usernames.

Source: CVE-2017-9978

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다