Accellion FTP server prior to version FTA_9_12_220 only returns the username in the server response if the username is invalid. An attacker may use this information to determine valid user accounts and enumerate them.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
accellion ftp server |