CVE-2024-31878

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-203
View all →

Vulnerability Description

IBM i 7.2, 7.3, 7.4, and 7.5 Service Tools Server (SST) is vulnerable to SST user enumeration by a remote attacker. This vulnerability can be used by a malicious actor to gather information about SST users that can be targeted in further attacks. IBM X-Force ID: 287538.

Related Vulnerabilities

CVE-2013-1422

MEDIUM
CVSS:5.3(Medium)

webcalendar before 1.2.7 shows the reason for a failed login (e.g., "no such user").

CWE-2032013

CVE-2014-4156

MEDIUM
CVSS:5.3(Medium)

Proxmox VE prior to 3.2: 'AccessControl.pm' User Enumeration Vulnerability

CWE-2032014

CVE-2016-9129

MEDIUM
CVSS:5.3(Medium)

Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is possible to check whether or not an email address was associated to one or more user accounts on a target Revi...

CWE-2032016

CVE-2017-5107

MEDIUM
CVSS:5.3(Medium)

A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a craf...

CWE-2032017

CVE-2017-7006

MEDIUM
CVSS:5.3(Medium)

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows...

CWE-2032017

CVE-2017-8055

MEDIUM
CVSS:5.3(Medium)

WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and earlier retur...

CWE-2032017