CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
69.4%
The user login page in Visibility Software Cyber Recruiter before 8.1.00 generates different responses for invalid password-retrieval attempts depending on which data elements are incorrect, which might allow remote attackers to obtain account-related information via a series of requests.
Vendor | Product | Version | CPE |
---|---|---|---|
visibility_software | cyber_recruiter | * | cpe:2.3:a:visibility_software:cyber_recruiter:*:*:*:*:*:*:*:* |
visibility_software | cyber_recruiter | 6.2 | cpe:2.3:a:visibility_software:cyber_recruiter:6.2:*:*:*:*:*:*:* |
visibility_software | cyber_recruiter | 6.4 | cpe:2.3:a:visibility_software:cyber_recruiter:6.4:*:*:*:*:*:*:* |
visibility_software | cyber_recruiter | 6.6 | cpe:2.3:a:visibility_software:cyber_recruiter:6.6:*:*:*:*:*:*:* |
visibility_software | cyber_recruiter | 6.8 | cpe:2.3:a:visibility_software:cyber_recruiter:6.8:*:*:*:*:*:*:* |
visibility_software | cyber_recruiter | 7.0 | cpe:2.3:a:visibility_software:cyber_recruiter:7.0:*:*:*:*:*:*:* |
visibility_software | cyber_recruiter | 7.2 | cpe:2.3:a:visibility_software:cyber_recruiter:7.2:*:*:*:*:*:*:* |