Axway Secure Messenger before 6.5 Updated Release 7, as used in Axway Email Firewall, provides different responses to authentication requests depending on whether the user exists, which allows remote attackers to enumerate users via a series of requests.
AV:N/AC:L/Au:N/C:P/I:N/A:NAxway Email Firewall
APPAxwaywszystkie wersjeAxway Secure Messenger
APPAxway6.3.2≤ 6.5.0
Related vulnerabilities
Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to una...
Vordel XML Gateway (acquired by Axway) version 7.2.2 could allow remote attackers to cause a denial of service...
In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Traversal vulnerability can be exploited by ...
Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authent...
Cross-site request forgery (CSRF) vulnerability in Axway SecureTransport 5.1 SP2 and earlier allows remote att...