8.8
CVE-2018-1154
- EPSS 0.42%
- Veröffentlicht 02.08.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:17
- Quelle vulnreport@tenable.com
- CVE-Watchlists
- Unerledigt
LoginIn SecurityCenter versions prior to 5.7.0, a username enumeration issue could allow an unauthenticated attacker to automate the discovery of username aliases via brute force, ultimately facilitating unauthorized access. Server response output has been unified to correct this issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Tenable ≫ Securitycenter Version < 5.7.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.588 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 3.3 | 6.5 | 2.9 |
AV:A/AC:L/Au:N/C:P/I:N/A:N
|