Filtered by vendor Oneidentity
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-7962 | 1 Oneidentity | 1 Password Manager | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in One Identity Password Manager 5.8. An attacker could enumerate valid answers for a user. It is possible for an attacker to detect a valid answer based on the HTTP response content, and reuse this answer later for a password reset on a chosen password. The enumeration is possible because, within the HTTP response content, WRONG ID is only returned when the answer is incorrect. | |||||
| CVE-2019-13497 | 1 Oneidentity | 1 Cloud Access Manager | 2019-11-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows CSRF for logout requests. | |||||