CVE-2024-33856

Medium

An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of usernames by observing the response time at the…

mitre·CWE-204·Published 2024-05-07

CVSS

5.3

EPSS

0.00

KEV

Exploits

cve.orgen

165 chars

An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of usernames by observing the response time at the Forgot Password endpoint.

NVDen

165 chars

An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of usernames by observing the response time at the Forgot Password endpoint.

Se descubrió un problema en Logpoint antes de 7.4.0. Un atacante puede enumerar una lista válida de nombres de usuario observando el tiempo de respuesta en el endpoint de Forgot Password.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	5.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.1	Primary	cve.org	5.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.1	Secondary	NVD	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N