Vulnerabilities > CVE-2019-16516 - Information Exposure Through Discrepancy vulnerability in Connectwise Control 19.3.25270.7185

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
connectwise
CWE-203

Summary

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a user enumeration vulnerability, allowing an unauthenticated attacker to determine with certainty if an account exists for a given username.

Vulnerable Configurations

Part Description Count
Application
Connectwise
2

Common Weakness Enumeration (CWE)