CVE-2007-4422
Currently unrated
Summary
The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.
References
EPSS Score
80% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved