CVE-2025-34155
BaseFortify

Publication date: 2025-10-23

Last updated on: 2025-10-27

Assigner: VulnCheck

Description
Tibbo AggreGate Network Manager < 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can facilitate user enumeration and increase the likelihood of targeted brute-force or credential-stuffing attacks.
Meta Information
Generated: 2026-06-16
AI Q&A: 2025-10-23
EPSS Evaluated: 2026-06-14
Affected Vendors & Products (1 associated CPE)
Vendor: tibbo
Product: aggregate_network_manager
Version / Range: < 6.40.05
CWE
CWE-204: The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.
AI Quick Actions
Executive Summary

CVE-2025-34155 is a user enumeration vulnerability in Tibbo AggreGate Network Manager versions prior to 6.40.05. The login functionality returns different error messages depending on whether a username exists or not. This discrepancy allows an unauthenticated remote attacker to determine which usernames are valid by analyzing the responses, facilitating user enumeration. [1]

Impact Analysis

This vulnerability can allow an attacker to identify valid usernames on the system without authentication. Knowing valid account identifiers increases the risk of targeted brute-force or credential-stuffing attacks, potentially leading to unauthorized access if passwords are weak or reused. [1]

Detection Guidance

The discrepancy can be observed directly in the login responses of Tibbo AggreGate Network Manager versions prior to 6.40.05: submitting different usernames during authentication attempts and comparing the returned error messages reveals whether a given username exists. To check your own deployment, perform controlled login attempts with both a valid and an invalid username and compare the error messages returned. For example, send a login request with curl and observe the response:

curl -X POST -d 'username=someuser&password=somepass' http://<target>/login -v

then repeat with a different username and compare the two responses. [1]

Mitigation Strategies

Immediate mitigation steps include upgrading Tibbo AggreGate Network Manager to version 6.40.05 or later, where this vulnerability is fixed. Additionally, you can implement uniform error messages for authentication failures to prevent user enumeration. Monitoring login attempts for unusual activity and applying rate limiting or account lockout policies can also reduce the risk of brute-force or credential-stuffing attacks facilitated by this vulnerability. [1]
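The following is an added illustration, not code from Tibbo or from this page, of the CWE-204 pattern described above and of the uniform-error-message fix recommended in the mitigation section. It uses a constructed in-memory user store with a hypothetical "admin" account; the login_vulnerable handler returns different messages for an unknown user and a wrong password, while login_hardened returns the same status and message in both cases and always computes one password hash so that response timing does not leak the difference either. The response_discrepancy helper performs the controlled comparison from the detection guidance against a handler.

```python
import hashlib
import hmac
import os

def _hash_pw(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)

# Constructed sample user store (assumption, not the product's own storage).
_SALT = os.urandom(16)
USERS = {"admin": (_SALT, _hash_pw("correct horse", _SALT))}
# Dummy credential so a request for a nonexistent user still costs one hash.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash_pw("placeholder", _DUMMY_SALT)

def login_vulnerable(username: str, password: str) -> tuple[int, str]:
    """CWE-204 pattern: the failure message reveals whether the account exists."""
    if username not in USERS:
        return 401, "Unknown user"  # distinguishable from the branch below
    salt, stored = USERS[username]
    if not hmac.compare_digest(_hash_pw(password, salt), stored):
        return 401, "Invalid password"
    return 200, "OK"

def login_hardened(username: str, password: str) -> tuple[int, str]:
    """Identical status and message for unknown user and wrong password; the
    hash is computed on both paths so the response time does not differ."""
    salt, stored = USERS.get(username, (_DUMMY_SALT, _DUMMY_HASH))
    ok = hmac.compare_digest(_hash_pw(password, salt), stored)
    if username in USERS and ok:
        return 200, "OK"
    return 401, "Invalid username or password"

def response_discrepancy(handler, known_user: str, unknown_user: str) -> bool:
    """Controlled check from the detection guidance: a wrong password for a
    known account versus any password for a nonexistent one. True means the
    two failure responses differ, i.e. user enumeration is possible."""
    r_known = handler(known_user, "wrong-password")
    r_unknown = handler(unknown_user, "wrong-password")
    return r_known != r_unknown

if __name__ == "__main__":
    for name, h in (("vulnerable", login_vulnerable), ("hardened", login_hardened)):
        print(f"{name}: discrepancy={response_discrepancy(h, 'admin', 'nobody')}")
```

When comparing real HTTP responses, diff the status code, headers and body length as well as the message text, since a discrepancy can survive in those even when the wording has been unified.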
