CVE-2025-34155
BaseFortify
Publication date: 2025-10-23
Last updated on: 2025-10-27
Assigner: VulnCheck
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tibbo | aggregate_network_manager | < 6.40.05 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-204 | The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-34155 is a user enumeration vulnerability in Tibbo AggreGate Network Manager versions prior to 6.40.05. The login functionality returns different error messages depending on whether a username exists or not. This discrepancy allows an unauthenticated remote attacker to determine which usernames are valid by analyzing the responses, facilitating user enumeration. [1]
How can this vulnerability impact me?
This vulnerability can allow an attacker to identify valid usernames on the system without authentication. Knowing valid account identifiers increases the risk of targeted brute-force or credential-stuffing attacks, potentially leading to unauthorized access if passwords are weak or reused. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by observing the login responses of Tibbo AggreGate Network Manager versions prior to 6.40.05. Because the error message differs depending on whether the submitted username exists, an attacker can infer account validity from the response alone. To check your own system, perform controlled login attempts with one known-valid and one clearly invalid username, using the same wrong password for both, and compare the status codes and error messages returned. Example command (run once per username and compare the verbose output): `curl -X POST -d 'username=someuser&password=somepass' http://<target>/login -v`. If the two responses differ, the instance is affected. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading Tibbo AggreGate Network Manager to version 6.40.05 or later, where this vulnerability is fixed. Additionally, you can implement uniform error messages for authentication failures to prevent user enumeration. Monitoring login attempts for unusual activity and applying rate limiting or account lockout policies can also reduce the risk of brute-force or credential-stuffing attacks facilitated by this vulnerability. [1]
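The two answers above describe the weakness (different failure messages for unknown users versus wrong passwords) and the fix (one uniform message). The following added example, which is not code from BaseFortify or from Tibbo AggreGate, shows a minimal login check in both forms, plus a defender-side function that flags whether a handler's failure responses differ between a known and an unknown account. The user store, salt and passwords are constructed for the example; `login_leaky`, `login_uniform` and `response_discrepancy` are hypothetical names.

```python
"""Added example: CWE-204 response discrepancy in a login check beside a
hardened variant that returns one message and does equal work on every
failure path. Not code from the BaseFortify page or from Tibbo AggreGate."""
import hashlib
import hmac


def _hash(password: str, salt: bytes) -> bytes:
    """PBKDF2-SHA256 password hash (iteration count chosen for a quick demo)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed user store: username -> (salt, hash). Not real credentials.
_SALT = b"constructed-demo-salt"
USERS = {"admin": (_SALT, _hash("correct horse", _SALT))}

# Dummy record verified for unknown users so that the "no such user" path
# costs the same as the "wrong password" path (no timing discrepancy either).
_DUMMY = (_SALT, _hash("dummy-password", _SALT))


def login_leaky(username: str, password: str):
    """Vulnerable pattern: the message reveals whether the account exists."""
    if username not in USERS:
        return (401, "Unknown user")
    salt, expected = USERS[username]
    if hmac.compare_digest(_hash(password, salt), expected):
        return (200, "OK")
    return (401, "Wrong password")


def login_uniform(username: str, password: str):
    """Hardened pattern: identical response and identical work for both
    failure causes, so a remote party cannot tell them apart."""
    salt, expected = USERS.get(username, _DUMMY)
    # Always compute and compare the hash, then confirm the user really exists.
    digest_ok = hmac.compare_digest(_hash(password, salt), expected)
    if digest_ok and username in USERS:
        return (200, "OK")
    return (401, "Invalid username or password")


def response_discrepancy(handler, known_user: str, unknown_user: str,
                         password: str = "definitely-wrong") -> bool:
    """Defender-side check: True if two failed logins (one for an existing
    account, one for a nonexistent account) yield different responses."""
    return handler(known_user, password) != handler(unknown_user, password)


if __name__ == "__main__":
    for name, handler in (("leaky", login_leaky), ("uniform", login_uniform)):
        print(name, "discrepancy:", response_discrepancy(handler, "admin", "nobody"))
```

The same comparison is what the curl check in the detection answer does against a live instance: send the same wrong password for a valid and an invalid account and compare the responses. The hardened handler also verifies a dummy hash for unknown users so that the response time, not just the message text, is uniform; rate limiting and lockout, as the mitigation answer notes, still belong in front of either handler.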