User Enumeration Vulnerability in Jana Server 2.x and 1.4.6

User Enumeration Vulnerability in Jana Server 2.x and 1.4.6

CVE-2002-1064 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server.

Learn more about our Cis Benchmark Audit For Server Software.