Username Enumeration Vulnerability in Accellion FTP Server (Prior to Version FTA_9_12_220)
CVE-2016-9499 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Accellion FTP server prior to version FTA_9_12_220 only returns the username in the server response if the username is invalid. An attacker may use this information to determine valid user accounts and enumerate them.
Learn more about our Cis Benchmark Audit For Server Software.