Account Number Enumeration Vulnerability

Account Number Enumeration Vulnerability

CVE-2018-15131 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests.

Learn more about our Web Application Penetration Testing UK.