{"vulnerability": "CVE-2020-7962", "sightings": [{"uuid": "a0e9a558-b0ce-44e9-ade0-3088e0278899", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7962", "type": "seen", "source": "https://t.me/cibsecurity/16322", "content": "\u203c CVE-2020-7962 \u203c\n\nAn issue was discovered in One Identity Password Manager 5.8. An attacker could enumerate valid answers for a user. It is possible for an attacker to detect a valid answer based on the HTTP response content, and reuse this answer later for a password reset on a chosen password. The enumeration is possible because, within the HTTP response content, WRONG ID is only returned when the answer is incorrect.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-13T22:33:57.000000Z"}]}