Vulnerability Details CVE-2006-6052
NetEpi Case Manager before 0.98 generates different error messages depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://sourceforge.net/project/shownotes.php?release_id=463793
- http://www.vupen.com/english/advisories/2006/4570
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30366
- http://sourceforge.net/project/shownotes.php?release_id=463793
- http://www.vupen.com/english/advisories/2006/4570
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30366
Products affected by CVE-2006-6052
-
cpe:2.3:a:netepi_case_manager:netepi_case_manager:0.93
-
cpe:2.3:a:netepi_case_manager:netepi_case_manager:0.94
-
cpe:2.3:a:netepi_case_manager:netepi_case_manager:0.95
-
cpe:2.3:a:netepi_case_manager:netepi_case_manager:0.96
-
cpe:2.3:a:netepi_case_manager:netepi_case_manager:0.97