CNNVD-202512-5052 Information

CNNVD ID

CNNVD-202512-5052

Related CVE

CVE-2022-50800

• CNNVD Published: 2025-12-30

Description (Chinese)

H3C SSL VPN是中国新华三（H3C）公司的安全会话层VPN。 H3C SSL VPN存在安全漏洞，该漏洞源于txtUsrName POST参数存在用户枚举漏洞，可能导致识别有效用户名。

Description (English)

H3C SSL VPN is the security session of Xinhua III (H3C) in China. The H3C SSL VPN has a security loophole, which stems from the txtUsrName POST parameter, which has a user-opening gap that may lead to the identification of a valid user name.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

新华三

Published

2025-12-30

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/50742 https://www.h3c.com https://www.vulncheck.com/advisories/hc-ssl-vpn-na-username-enumeration-via-login-script-credential-verification https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5697.php