CVE-2020-23283

High

Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's…

mitre·CWE-307·Published 2021-07-21

CVSS

7.5

EPSS

0.01

KEV

Exploits

cve.orgen

164 chars

Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute force.

NVDen

164 chars

Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute force.

Una divulgación de información en Logon Page en la aplicación mConnect de MV versión v02.001.00, permite a un atacante conocer usuarios válidos de la base de datos de la aplicación por medio de fuerza bruta

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N