CVE-2025-34155
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-34155, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-23

Last updated on: 2025-10-27

Assigner: VulnCheck

Description

Tibbo AggreGate Network Manager < 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can facilitate user enumeration and increase the likelihood of targeted brute-force or credential-stuffing attacks.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-23
Last Modified
2025-10-27
Generated
2026-07-06
AI Q&A
2025-10-23
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
tibbo aggregate_network_manager <6.40.05>

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-204 The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2025-34155 is a user enumeration vulnerability in Tibbo AggreGate Network Manager versions prior to 6.40.05. The login functionality returns different error messages depending on whether a username exists or not. This discrepancy allows an unauthenticated remote attacker to determine which usernames are valid by analyzing the responses, facilitating user enumeration. [1]

Impact Analysis

This vulnerability can allow an attacker to identify valid usernames on the system without authentication. Knowing valid account identifiers increases the risk of targeted brute-force or credential-stuffing attacks, potentially leading to unauthorized access if passwords are weak or reused. [1]

Detection Guidance

This vulnerability can be detected by observing the login responses from Tibbo AggreGate Network Manager versions prior to 6.40.05. Specifically, by submitting different usernames during authentication attempts and analyzing the error messages returned, an attacker can infer whether a username exists based on the discrepancy in responses. To detect this on your system, you can perform controlled login attempts with both valid and invalid usernames and compare the error messages. For example, using curl commands to send login requests and observe the responses can help identify the discrepancy. Example command: curl -X POST -d 'username=someuser&password=somepass' http://<target>/login -v and compare responses for different usernames. [1]

Mitigation Strategies

Immediate mitigation steps include upgrading Tibbo AggreGate Network Manager to version 6.40.05 or later, where this vulnerability is fixed. Additionally, you can implement uniform error messages for authentication failures to prevent user enumeration. Monitoring login attempts for unusual activity and applying rate limiting or account lockout policies can also reduce the risk of brute-force or credential-stuffing attacks facilitated by this vulnerability. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-34155. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart