CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-5137

Innovative Interfaces Sierra Library Services Platform 1.2_3 provides different responses for login request depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of login requests, possibly related to the Webpac Pro submodule.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.8%

CVSS Severity

CVSS v2 Score 5.0

References

http://www.securityfocus.com/archive/1/533267/100/0/threaded
http://www.securityfocus.com/archive/1/533267/100/0/threaded

Products affected by CVE-2014-5137

Iii » Sierra » Version: 1.2_3

cpe:2.3:a:iii:sierra:1.2_3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-5137

Products

Pricing

Contact Us