CVE-2025-34155

Q: How severe is CVE-2025-34155?

CVSS scoring is not yet available for CVE-2025-34155. Check NVD for updates.

Q: Is there a patch for CVE-2025-34155?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.

Vulnerability Description

Tibbo AggreGate Network Manager < 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can facilitate user enumeration and increase the likelihood of targeted brute-force or credential-stuffing attacks.

Related Weaknesses (CWE)

CWE-204

References

FAQ

What is CVE-2025-34155?

CVE-2025-34155 is a documented vulnerability. Tibbo AggreGate Network Manager < 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or ...

How severe is CVE-2025-34155?

CVSS scoring is not yet available for CVE-2025-34155. Check NVD for updates.

Is there a patch for CVE-2025-34155?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.