Remedy Action Request System Username Enumeration Vulnerability

Remedy Action Request System Username Enumeration Vulnerability

Remedy Action Request System is prone to a username-enumeration vulnerability because of a design error in the application when verifying user-supplied input.

Attackers may exploit this vulnerability to discern valid usernames. This may aid them in brute-force password cracking or other attacks.

Version 5.01.02 is vulnerable; other versions may also be affected.