Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2024-07864
HistoryFeb 04, 2024 - 12:00 a.m.

Unspecified vulnerability in vantage6 (CNVD-2024-07864)

2024-02-0400:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
vantage6
security vulnerability
username discovery
response time
privacy preserving
federal learning infrastructure
cnvd-2024-07864

6.7 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%

JSON

vantage6 is vantage6 open source an open source priVAcy preserviNg federalTed leArningG infrastructure for Secure Insight eXchange. A security vulnerability previously existed in vantage6 version 4.2.0 that stemmed from the ability to find out a username from the response time of a login request. No details of the vulnerability are provided at this time.

CPENameOperatorVersion
vantage6 vantage6lt4.2.0

Related

veracode 1
cve 1
cvelist 1
nvd 1
prion 1
github 1
osv 5
veracode
veracode
User Enumeration
2024-01-31 07:01:13
cve
cve
CVE-2024-21671
2024-01-30 16:15:48
cvelist
cvelist
CVE-2024-21671 vantage6 username timing attack
2024-01-30 15:43:06
nvd
nvd
CVE-2024-21671
2024-01-30 16:15:48
prion
prion
Security feature bypass
2024-01-30 16:15:00
github
github
vantage6 vulnerable to username timing attack
2024-01-30 20:56:48
osv
osv
vantage6 vulnerable to username timing attack
2024-01-30 20:56:48
CVE-2024-24770
2024-03-14 19:15:49
vantage6 vulnerable to a username timing attack on recover password/MFA token
2024-03-15 16:44:36

6.7 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%

JSON
Related for CNVD-2024-07864
veracode1cve1cvelist1nvd1prion1github1osv5