Code injection

2023-03-2820:15:00

PRIOn knowledge base

www.prio-n.com

code injection

mcubo ict

observable response discrepancy

user enumeration attacks

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.0%

JSON

An issue was discovered in MCUBO ICT through 10.12.4 (aka 6.0.2). An Observable Response Discrepancy can occur under the login web page. In particular, the web application provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor. That allow an unauthorized actor to perform User Enumeration attacks.

CPENameOperatorVersion
mcuboictle10.12.4

CPE	Name	Operator	Version
	mcuboict	le	10.12.4

References

vuldb.com/?id.224303

www.gruppotim.it/it/footer/red-team.html