Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1697

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-1697
Last Modified 05 Sep 2008 04:42:06
Published 21 Sep 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1697

Summary

The "Forgot your Password" link in Computer Associates (CA) Unicenter Management Portal 2.0 and 3.1 displays different error messages for users that exist and users that do not exist, which could allow remote attackers to guess valid usernames.

Vulnerable Systems


References

XF - unicenter-management-username-bruteforce(17464)

BID - 11229

SECUNIA - 12620

BUGTRAQ - 20040921 CA UniCenter Management Portal Username Enumeration Vulnerability


Last Updated: 27 May 2016 10:39:08