説明
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid.
AI分析AIによる分析
影響を受ける製品
urbackupurbackup_server
2.5.31
参照
- https://nitipoom-jaroonchaipipat.github.io/security-research-portal/2023-47102
- https://quantiano.github.io/cve-2023-47102/ExploitThird Party Advisory
- https://quantiano.github.io/cve-2023-47102/ExploitThird Party Advisory