Cve 2025 24023

Cve 2025 24023. New Features November 2022 Phoenix Security This issue, named as a timing attack, could be exploited by an attacker to enumerate usernames. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate.

Microsoft Patch Tuesday, January 2025 Security Update Review Qualys ThreatPROTECT
Microsoft Patch Tuesday, January 2025 Security Update Review Qualys ThreatPROTECT from threatprotect.qualys.com

The following table lists the changes that have been made to the CVE-2025-24023 vulnerability over time CVE-2025-24023 Vulnerability, Severity 5.3 MEDIUM, Observable Response Discrepancy

Microsoft Patch Tuesday, January 2025 Security Update Review Qualys ThreatPROTECT

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics. Discover the vulnerability affecting Flask-AppBuilder, enabling username enumeration through timing attacks CVE-2025-24023 is a vulnerability affecting the Flask-AppBuilder application development framework

Microsoft and Adobe Patch Tuesday, January 2025 Security Update Review Qualys Security Blog. It is crucial to upgrade to the patched version or apply the suggested workaround to mitigate the risk of unauthorized access. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login

[B! security]. This issue, named as a timing attack, could be exploited by an attacker to enumerate usernames. CVE-ID; CVE-2025-24023: Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information