CVE-2019-6122 Information
Feb 14, 2021
cve
Description
A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an \EMAIL DOES NOT EXIST\ error message occurs whenever a submitted email address is incorrect but there is a different error message for invalid credentials with a correct email address.
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Reference
https://cyberworldmirror.com/nicehash-vulnerability-leaked-miners-information/ https://docs.google.com/document/d/1OubhuTRzuTMnkZ9SCFb8BtJVbTu840wDxyWu3VWHwvs/edit
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
LOW
Availability Impact
NONE
Base Score
NONE
Base Severity
3.1
Share on: