NVD

Id
85020  
Name
CVE-2017-8055  
Description
WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and earlier returns different responses for valid and invalid usernames. An attacker could exploit this vulnerability to enumerate valid usernames on an affected Firebox.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-05-07  
Published
2017-04-22  
Modified Date
2017-04-27  
Seq
2017-8055  

Actions

Related NVD References

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
67001 JVNDB-2017-003313 WatchGuard Fireware におけるセキュリティ機能に関する脆弱性 WatchGuard Fireware には、セキュリティ機能に関する脆弱性が存在します。 CVE-2017-8055 0 CVE-2017-8055 85020 5 5.3 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-003313.html 2017-04-11 2017-05-24 View