December 13, 2021
Categorized: Low Severity
Share this post:
Novalink uses WebSphere Application Server Liberty. Which could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts.
Affected product(s) and affected version(s):
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6525732
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/205202