MEDIUM🇬🇧 English

CVE-2012-6452

CVSS 5.0v2.0pub. 2014-05-27upd. 2026-05-06

Axway Secure Messenger before 6.5 Updated Release 7, as used in Axway Email Firewall, provides different responses to authentication requests depending on whether the user exists, which allows remote attackers to enumerate users via a series of requests.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
  • Axway Email Firewall

    APP
    Axway
    wszystkie wersje
  • Axway Secure Messenger

    APP
    Axway
    6.3.2≤ 6.5.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
FirewallAuth Bypass
CWE
Referencje

Powiązane podatności

CVE-2019-14277CRITICAL9.8ten sam vendor

Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to una...

CVE-2015-5606HIGH7.5ten sam vendor

Vordel XML Gateway (acquired by Axway) version 7.2.2 could allow remote attackers to cause a denial of service...

CVE-2019-6500HIGH7.5ten sam vendor

In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Traversal vulnerability can be exploited by ...

CVE-2012-4991HIGH8.5ten sam vendor

Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authent...

CVE-2013-7057MEDIUM6.8ten sam vendor

Cross-site request forgery (CSRF) vulnerability in Axway SecureTransport 5.1 SP2 and earlier allows remote att...