Headline
H3C SSL VPN Username Enumeration
The weakness is caused due to the login script and how it verifies provided credentials. An attacker can use this weakness to enumerate valid users on the affected application via ‘txtUsrName’ POST parameter.