The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote malicious users to enumerate valid usernames.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
symantec enterprise firewall 6 |