Unauthenticated Remote Attacker Can Determine if a Username is Valid or Not
CVE-2024-34024

Currently unrated

Key Information:

Vendor: Fsas Technologies Inc.
Status: Fujitsu Business Application Id Link Manager Ii; Fujitsu Software Id Link Manager; Fujitsu Software Time Creator Id Link Manager; Fujitsu Software Time Creator Id Link Manager Saas
Vendor: CVE Published:; 18 June 2024

🔔 Create Fsas Technologies Inc. Vulnerability Alert

What is CVE-2024-34024?

Observable response discrepancy issue exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, an unauthenticated remote attacker may determine if a username is valid or not.

Affected Version(s)

FUJITSU Business Application ID Link Manager II V1.8 and earlier

FUJITSU Software ID Link Manager V2.0

FUJITSU Software TIME CREATOR ID Link Manager V2.3.0

References

https://www.fujitsu.com/jp/group/fsas/about/resources/sec...

https://jvn.jp/en/jp/JVN65171386/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2024
Vulnerability Reserved
May 22, 2024

CVE-2024-34024 Data

JSON