Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-39912

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-15 Jul, 2024 | 19:38
Updated At-02 Aug, 2024 | 04:33
Rejected At-
Credits

Enumeration of valid usernames in web-auth/webauthn-lib

web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. The ProfileBasedRequestOptionsBuilder method returns allowedCredentials without any credentials if no username was found. When WebAuthn is used as the first or only authentication method, an attacker can enumerate usernames based on the absence of the `allowedCredentials` property in the assertion options response. This allows enumeration of valid or invalid usernames. By knowing which usernames are valid, attackers can focus their efforts on a smaller set of potential targets, increasing the efficiency and likelihood of successful attacks. This issue has been addressed in version 4.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:15 Jul, 2024 | 19:38
Updated At:02 Aug, 2024 | 04:33
Rejected At:
▼CVE Numbering Authority (CNA)
Enumeration of valid usernames in web-auth/webauthn-lib

web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. The ProfileBasedRequestOptionsBuilder method returns allowedCredentials without any credentials if no username was found. When WebAuthn is used as the first or only authentication method, an attacker can enumerate usernames based on the absence of the `allowedCredentials` property in the assertion options response. This allows enumeration of valid or invalid usernames. By knowing which usernames are valid, attackers can focus their efforts on a smaller set of potential targets, increasing the efficiency and likelihood of successful attacks. This issue has been addressed in version 4.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

Affected Products
Vendor
web-auth
Product
webauthn-framework
Versions
Affected
  • >= 4.5.0, < 4.9.0
Problem Types
TypeCWE IDDescription
CWECWE-204CWE-204: Observable Response Discrepancy
Type: CWE
CWE ID: CWE-204
Description: CWE-204: Observable Response Discrepancy
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/web-auth/webauthn-framework/security/advisories/GHSA-875x-g8p7-5w27
x_refsource_CONFIRM
https://github.com/web-auth/webauthn-framework/commit/64de11f6cddc71e56c76e0cc4573bf94d02be045
x_refsource_MISC
Hyperlink: https://github.com/web-auth/webauthn-framework/security/advisories/GHSA-875x-g8p7-5w27
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/web-auth/webauthn-framework/commit/64de11f6cddc71e56c76e0cc4573bf94d02be045
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
spomky-labs
Product
webauthn_framwork
CPEs
  • cpe:2.3:a:spomky-labs:webauthn_framwork:4.5.0:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 4.5.0 before 4.9.0 (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/web-auth/webauthn-framework/security/advisories/GHSA-875x-g8p7-5w27
x_refsource_CONFIRM
x_transferred
https://github.com/web-auth/webauthn-framework/commit/64de11f6cddc71e56c76e0cc4573bf94d02be045
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/web-auth/webauthn-framework/security/advisories/GHSA-875x-g8p7-5w27
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/web-auth/webauthn-framework/commit/64de11f6cddc71e56c76e0cc4573bf94d02be045
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:15 Jul, 2024 | 20:15
Updated At:16 Jul, 2024 | 13:43

web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. The ProfileBasedRequestOptionsBuilder method returns allowedCredentials without any credentials if no username was found. When WebAuthn is used as the first or only authentication method, an attacker can enumerate usernames based on the absence of the `allowedCredentials` property in the assertion options response. This allows enumeration of valid or invalid usernames. By knowing which usernames are valid, attackers can focus their efforts on a smaller set of potential targets, increasing the efficiency and likelihood of successful attacks. This issue has been addressed in version 4.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-204Secondarysecurity-advisories@github.com
CWE ID: CWE-204
Type: Secondary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/web-auth/webauthn-framework/commit/64de11f6cddc71e56c76e0cc4573bf94d02be045security-advisories@github.com
N/A
https://github.com/web-auth/webauthn-framework/security/advisories/GHSA-875x-g8p7-5w27security-advisories@github.com
N/A
Hyperlink: https://github.com/web-auth/webauthn-framework/commit/64de11f6cddc71e56c76e0cc4573bf94d02be045
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/web-auth/webauthn-framework/security/advisories/GHSA-875x-g8p7-5w27
Source: security-advisories@github.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

61Records found
CVE-2023-3336
Matching Score-4
Assigner-Moxa Inc.
ShareView Details
Matching Score-4
Assigner-Moxa Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.18% / 40.05%
||
7 Day CHG~0.00%
Published-05 Jul, 2023 | 09:11
Updated-20 Nov, 2024 | 21:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TN-5900 Series User Enumeration Vulnerability

TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability. The vulnerability may allow a remote attacker to determine whether a user is valid during password recovery through the web login page and enable a brute force attack with valid users.

Action-Not Available
Vendor-Moxa Inc.
Product-tn-5900_firmwaretn-5900TN-5900 Seriestn-5900
CWE ID-CWE-204
Observable Response Discrepancy
CWE ID-CWE-203
Observable Discrepancy
CVE-2023-40179
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.08% / 25.26%
||
7 Day CHG~0.00%
Published-25 Aug, 2023 | 00:58
Updated-02 Oct, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Silverware Games vulnerable to account enumeration via inconsistent responses

Silverware Games is a premium social network where people can play games online. Prior to version 1.3.6, the Password Recovery form would throw an error if the specified email was not found in our database. It would only display the "Enter the code" form if the email is associated with a member of the site. Since version 1.3.6, the "Enter the code" form is always returned, showing the message "If the entered email is associated with an account, a code will be sent now". This change prevents potential violators from determining if our site has a user with the specified email.

Action-Not Available
Vendor-silverwaregamesmesosoi
Product-silverwaregamessilverwaregames-io-issue-tracker
CWE ID-CWE-204
Observable Response Discrepancy
CVE-2023-38362
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 12.14%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 15:56
Updated-07 Jan, 2025 | 21:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM CICS TX information disclosure

IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to observable discrepancy in HTTP responses. IBM X-Force ID: 260814.

Action-Not Available
Vendor-IBM Corporation
Product-cics_txCICS TX Advancedcics_tx
CWE ID-CWE-204
Observable Response Discrepancy
CWE ID-CWE-203
Observable Discrepancy
CVE-2023-37217
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
ShareView Details
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
CVSS Score-5.3||MEDIUM
EPSS-0.08% / 25.26%
||
7 Day CHG~0.00%
Published-30 Jul, 2023 | 10:34
Updated-21 Oct, 2024 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy

Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy

Action-Not Available
Vendor-tadiranteleTadiran
Product-aeonixTelecom Aeonix
CWE ID-CWE-204
Observable Response Discrepancy
CWE ID-CWE-203
Observable Discrepancy
CVE-2023-32346
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-5.3||MEDIUM
EPSS-0.13% / 32.95%
||
7 Day CHG~0.00%
Published-22 May, 2023 | 14:45
Updated-16 Jan, 2025 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows users to claim their devices. This function returns information based on whether the serial number of a device has already been claimed, the MAC address of a device has already been claimed, or whether the attempt to claim a device was successful. An attacker could exploit this to create a list of the serial numbers and MAC addresses of all devices cloud-connected to the Remote Management System.

Action-Not Available
Vendor-teltonikaTeltonika
Product-remote_management_systemRemote Management System
CWE ID-CWE-204
Observable Response Discrepancy
CVE-2023-3221
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-5.3||MEDIUM
EPSS-0.08% / 23.51%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 12:31
Updated-30 Sep, 2024 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
User enumeration vulnerability in Roundcube Password Recovery Plugin

User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database.

Action-Not Available
Vendor-password_recovery_projectAlfnRU
Product-password_recoveryPassword Recovery Plugin
CWE ID-CWE-204
Observable Response Discrepancy
CWE ID-CWE-203
Observable Discrepancy
CVE-2023-37831
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.18% / 39.42%
||
7 Day CHG~0.00%
Published-31 Oct, 2023 | 00:00
Updated-12 Sep, 2024 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue discovered in Elenos ETG150 FM transmitter v3.12 allows attackers to enumerate user accounts based on server responses when credentials are submitted.

Action-Not Available
Vendor-elenosn/aelenos
Product-etg150etg150_firmwaren/aetg150_fm
CWE ID-CWE-204
Observable Response Discrepancy
CVE-2023-33859
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.09% / 26.16%
||
7 Day CHG~0.00%
Published-10 Jul, 2024 | 15:26
Updated-02 Aug, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Security ReaQta information disclosure

IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. IBM X-Force ID: 257697.

Action-Not Available
Vendor-IBM Corporation
Product-security_qradar_edrSecurity QRadar EDR
CWE ID-CWE-204
Observable Response Discrepancy
CVE-2023-31186
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
ShareView Details
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
CVSS Score-5.3||MEDIUM
EPSS-0.08% / 25.26%
||
7 Day CHG~0.00%
Published-30 May, 2023 | 00:00
Updated-10 Jan, 2025 | 21:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avaya IX Workforce Engagement - User Enumeration - CWE-204: Observable Response Discrepancy

Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy

Action-Not Available
Vendor-Avaya LLC
Product-ix_workforce_engagementIX Workforce Engagement
CWE ID-CWE-203
Observable Discrepancy
CWE ID-CWE-204
Observable Response Discrepancy
CVE-2021-36201
Matching Score-4
Assigner-Johnson Controls
ShareView Details
Matching Score-4
Assigner-Johnson Controls
CVSS Score-4.3||MEDIUM
EPSS-0.19% / 41.55%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 20:17
Updated-15 May, 2025 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CCURE Observable Response Discrepancy

Under certain circumstances a CCURE Portal user could enumerate user accounts in CCURE 9000 version 2.90 and prior versions.

Action-Not Available
Vendor-johnsoncontrolsJohnson Controls
Product-c-cure_9000_firmwarec-cure_9000C•CURE 9000
CWE ID-CWE-204
Observable Response Discrepancy
CWE ID-CWE-203
Observable Discrepancy
CVE-2021-20556
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 15.14%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 17:31
Updated-07 Jan, 2025 | 18:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Cognos Controller information disclosure

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames due to differentiating error messages on existing usernames. IBM X-Force ID: 199181.

Action-Not Available
Vendor-IBM Corporation
Product-cognos_controllerCognos Controllercognos_controller
CWE ID-CWE-204
Observable Response Discrepancy
CWE ID-CWE-203
Observable Discrepancy
  • Previous
  • 1
  • 2
  • Next
Details not found