CVE-2020-24008

Umanni RH 1.0 has a user enumeration vulnerability. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.
References
Configurations

Configuration 1

cpe:2.3:a:umanni:human_resources:1.0:*:*:*:*:*:*:*

Information

Published : 2020-08-26 02:15

Updated : 2021-07-21 11:39


NVD link : CVE-2020-24008

Mitre link : CVE-2020-24008

Products Affected
No products.
CWE