CVE-2021-44155

An issue was discovered in /goform/login_process in Reprise RLM 14.2. When an attacker attempts to login, the response if a username is valid includes Login Failed, but does not include this string if the username is invalid. This allows an attacker to enumerate valid users.
Configurations

Configuration 1

cpe:2.3:a:reprisesoftware:reprise_license_manager:14.2:*:*:*:*:*:*:*

Information

Published : 2021-12-13 04:15

Updated : 2021-12-15 04:01


NVD link : CVE-2021-44155

Mitre link : CVE-2021-44155

Products Affected
No products.
CWE