|Article No°||Product Name||Affected Version(s)|
An issue was discovered in myREX24 and myREX24.virtual in all versions through 2.11.2.
A remote, unauthenticated attacker can enumerate valid users with a timing attack against the webserver.
Update to Version 2.12.1
SySS GmbH reported this vulnerability to Helmholz.
Helmholz reported this vulnerability to MB connect line.
CERT@VDE coordinated with Helmholz & MB connect line.