CVE-2023-47102
5.3MEDIUMUrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid.
Published: 11/7/2023Updated: 9/29/2025
Description
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid.
AI AnalysisPowered by AI
Affected Products
urbackupurbackup_server
2.5.31
References
- https://nitipoom-jaroonchaipipat.github.io/security-research-portal/2023-47102
- https://quantiano.github.io/cve-2023-47102/ExploitThird Party Advisory
- https://quantiano.github.io/cve-2023-47102/ExploitThird Party Advisory