Vulnerabilities > CVE-2022-24032 - Information Exposure Through Discrepancy vulnerability in Adenza Axiomsl Controllerview

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

adenza

CWE-203

NVD

Published: 2022-01-30

Updated: 2023-08-08

Summary

Adenza AxiomSL ControllerView through 10.8.1 is vulnerable to user enumeration. An attacker can identify valid usernames on the platform because a failed login attempt produces a different error message when the username is valid.

Vulnerable Configurations

Part	Description	Count
Application	Adenza Adenza Axiomsl Controllerview *	1

Common Weakness Enumeration (CWE)

CWE-203 - Information Exposure Through Discrepancy

References

https://github.com/jdordonezn/CVE-2022-24032/issues/1