Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an attacker to determine whether a username exists.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://portal.perforce.com/s/detail/a91PA000001SeWbYAK |
Configurations
No configuration.
History
15 Apr 2025, 16:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-04-15 16:15
Updated : 2025-04-15 18:39
NVD link : CVE-2024-11084
Mitre link : CVE-2024-11084
CVE.ORG link : CVE-2024-11084
JSON object : View
Products Affected
No product.
CWE
CWE-203
Observable Discrepancy