Innovative Interfaces Sierra Library Services Platform 1.2_3 provides different responses for login request depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of login requests, possibly related to the Webpac Pro submodule.
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2014-09-02T14:00:00

Updated: 2018-10-09T18:57:01

Reserved: 2014-07-30T00:00:00


Link: CVE-2014-5137

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2014-09-02T14:55:03.463

Modified: 2018-10-09T19:49:59.367


Link: CVE-2014-5137

JSON object: View

cve-icon Redhat Information

No data.

CWE