The login for Hosting Controller 1.1 up to and including 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote malicious users to determine the existence of valid usernames and makes it easier to conduct a brute force attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hosting controller hosting controller 1.3 |
||
hosting controller hosting controller 1.4 |
||
hosting controller hosting controller 1.4.1 |
||
hosting controller hosting controller 1.1 |
||
hosting controller hosting controller 1.4b |