CVE-2007-4422

The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.
Configurations

Configuration 1

cpe:2.3:a:symantec:enterprise_firewall:6:*:*:*:*:*:*:*

Information

Published : 2007-08-18 09:17

Updated : 2017-07-29 01:32


NVD link : CVE-2007-4422

Mitre link : CVE-2007-4422

Products Affected
No products.