Vulnerability CVE-2021-45901


Published: 2022-02-10

Description:
The password-reset form in ServiceNow Orlando provides different responses to invalid authentication attempts depending on whether the username exists.

See advisories in our WLB2 database:
Topic
Author
Date
Low
ServiceNow Username Enumeration
Victor Hanna
22.02.2022

 References:
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/servicenow-username-enumeration-vulnerability-cve-2021-45901/
https://www.trustwave.com/en-us/resources/security-resources/security-advisories/

Copyright 2024, cxsecurity.com

 

Back to Top