CVE-2025-2910

Medium CVSS: 6.9

User enumeration in the password reset module of the MeetMe authentication service in versions prior to 2024-09 allows an attacker to determine whether an email address is registered through specific error messages.

Vendor

Product

CWE

CWE-204

Yayın Tarihi

2025-03-28 13:15:41

Güncelleme

2025-03-28 18:11:40

Source Identifier

cve-coordination@incibe.es

KEV Date Added

Kategoriler

CWE-204 MEDIUM 2025

Referanslar

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fermax-mobile-applications