CVE-2025-67806
LOW
NVD
CVSS Score
3.7
Severity
LOW
Published
Apr 01, 2026
Vendor
unknown
Description
The login mechanism of Sage DPW 2021_06_004 displays distinct responses for valid and invalid usernames, allowing enumeration of existing accounts in versions before 2021_06_000. On-premise administrators can toggle this behavior in newer versions.