Umbrella
CVE-2021-40126
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
A vulnerability in the web-based dashboard of Cisco Umbrella could allow an authenticated, remote attacker to perform an email enumeration attack against the Umbrella infrastructure. This vulnerability is due to an overly descriptive error message on the dashboard that appears when a user attempts to modify their email address when the new address already exists in the system. An attacker could exploit this vulnerability by attempting to modify the user's email address. A successful exploit could allow the attacker to enumerate email addresses of users in the system.
AnalysisAI
A vulnerability in the web-based dashboard of Cisco Umbrella could allow an authenticated, remote attacker to perform an email enumeration attack against the Umbrella infrastructure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-210. A vulnerability in the web-based dashboard of Cisco Umbrella could allow an authenticated, remote attacker to perform an email enumeration attack against the Umbrella infrastructure. This vulnerability is due to an overly descriptive error message on the dashboard that appears when a user attempts to modify their email address when the new address already exists in the system. An attacker could exploit this vulnerability by attempting to modify the user's email address. A successful exploit could allow the attacker to enumerate email addresses of users in the system. Affected products include: Cisco Umbrella.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
A vulnerability in the Cisco Umbrella API could allow an authenticated, remote attacker to view and modify data across t
A vulnerability in the session management functionality of the web UI for the Cisco Umbrella Dashboard could allow an au
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could all
The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel (
A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to redirect a user t
A vulnerability in the URL block page of Cisco Umbrella could allow an unauthenticated, remote attacker to conduct a cro
A vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote attacker t
A vulnerability in the web UI of Cisco Umbrella could allow an unauthenticated, remote attacker to negatively affect the
A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to perform a carriag
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could all
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today