User Account Enumeration Vulnerability in IBM InfoSphere Information Server

User Account Enumeration Vulnerability in IBM InfoSphere Information Server

CVE-2013-3040 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 produces login-failure messages indicating whether the username or password is incorrect, which allows remote attackers to enumerate user accounts via a brute-force attack.

Learn more about our Cis Benchmark Audit For Server Software.