CVE-2025-34155 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Tibbo AggreGate Network Manager < 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based o…
Medium CVSS: 6.9

CVE-2025-34155

Tibbo AggreGate Network Manager < 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can facilitate user enumeration and increase the likelihood of targeted brute-force or credential-stuffing attacks.
Vendor
-
Product
-
CWE
CWE-204
Yayın Tarihi
2025-10-23 17:15:36
Güncelleme
2025-10-27 13:20:15
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-204 MEDIUM 2025

Referanslar

https://aggregate.digital/downloads.html https://aggregate.digital/products/network-manager.html https://www.vulncheck.com/advisories/tibbo-aggregate-network-manager-login-functionality-user-enumeration