RSS   Vulnerabilities for
'Application programming interface'
   RSS

2021-12-14
 
CVE-2021-36721

CWE-287
 

 
Sysaid API User Enumeration - Attacker sending requests to specific api path without any authorization before 21.3.60 version could get users names from the LDAP server.

 

 >>> Vendor: Sysaid 5 Products
Sysaid
On-premise
Sysaid on-premises
Sysaidsy on-premises
Application programming interface


Copyright 2022, cxsecurity.com

 

Back to Top