CVE Vulnerabilities

CVE-2000-1030

Published: Dec 11, 2000 | Modified: Apr 03, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server.

Affected Software

Name Vendor Start Version End Version
Corporatetime_for_the_web Csandt * 2.1.2 (including)

References