CNNVD-202507-345 Information
CNNVD ID
CNNVD-202507-345
Related CVE
- CNNVD Published: 2025-07-04
Description (Chinese)
Ergon Informatik AG Airlock IAM是瑞士Ergon Informatik AG公司的一个安全访问管理系统。 Ergon Informatik AG Airlock IAM存在安全漏洞,该漏洞源于密码重置时间差异,可能导致用户名枚举。以下版本受到影响:7.7.9版本、8.0.8版本、8.1.7版本、8.2.4版本和8.3.1版本。
Description (English)
Ergon Informik AG Airlock IAM is a secure access management system for Ergon Informik AG, Switzerland. Ergon Informatik AG Airlock IAM has a security loophole, which stems from a time difference in the re-engineering of passwords, which may lead to the listing of user names. The following versions were affected: 7.7.9, 8.0.8, 8.1.7, 8.2.4 and 8.3.1.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Ergon Informatik AG
Published
2025-07-04
Last Modified
2026-02-24
References
https://www.redguard.ch/blog/2025/07/04/cve-2025-6056-airlock-iam-username-enumeration/ https://access.redhat.com/security/cve/cve-2025-6056
Patch
https://docs.airlock.com/iam/8.3/index/1714273434693.html
Share on: