Country/Region

How to mitigate or resolve the campus username enumeration vulnerability

2025-03-29 15:47:40 Published
  • 0 Followed
  • 0Collected ,4Browsed
zhiliao_OaCcf

Problem Description

Software version: AD Campus E6505P19 EIA E6225

Vulnerability details: When different usernames are entered, the current system returns different error messages based on the username, allowing attackers to determine whether a user exists in the system. Subsequently, password brute-force attacks can be performed using the identified usernames.

Remediation suggestion:It is recommended to modify the error message displayed on the page.

Process Analysis

Resolved in EIA version E6607P02

Solution

Upgrade to EIA version E6607P02

Please rate this case:   
0 Comments

No Comments

Add Comments:

Copyright© 2025 H3C reserves all rights to the current version NO.1

The copyright of this icon belongs to H3C. It is only for the use of this community. Do not use it for commercial purposes. Anyone who violates this icon will be prosecuted