Lucene search
GoogleOSV:GHSA-45GQ-Q4XH-CP53HistoryJan 30, 2024 - 8:56 p.m.
vantage6 vulnerable to username timing attack
2024-01-3020:56:48
Google
osv.dev
5
vantage6
timing attack
username
vulnerability
security
credential
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
6.7 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.0%
Impact
It is possible to find out usernames from the response time of login requests. This could aid attackers in credential attacks
Workarounds
No
Related
osv
osv
CVE-2024-24770
2024-03-14 19:15:49
CVE-2024-21671
2024-01-30 16:15:48
cve
cve
CVE-2024-24770
2024-03-14 19:15:49
CVE-2024-21671
2024-01-30 16:15:48
cvelist
cvelist
CVE-2024-21671 vantage6 username timing attack
2024-01-30 15:43:06
veracode
veracode
Username Enumeration
2024-03-18 08:15:06
User Enumeration
2024-01-31 07:01:13
nvd
nvd
CVE-2024-24770
2024-03-14 19:15:49
CVE-2024-21671
2024-01-30 16:15:48
github
github
vantage6 vulnerable to username timing attack
2024-01-30 20:56:48
prion
prion
Security feature bypass
2024-01-30 16:15:00
cnvd
cnvd
Unspecified vulnerability in vantage6 (CNVD-2024-07864)
2024-02-04 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
6.7 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.0%
Related for OSV:GHSA-45GQ-Q4XH-CP53