Sysaid API User Enumeration Vulnerability

CVE-2021-36721 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Sysaid API User Enumeration - Attacker sending requests to specific api path without any authorization before 21.3.60 version could get users names from the LDAP server.

Learn more about our Cis Benchmark Audit For Server Software.