The User.get method in Bugzilla/WebService/User.pm in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 has a different outcome for a groups request depending on whether a group exists, which allows remote authenticated users to discover private group names by observing whether a call throws an error.
2012-11-16T12:24:24.167
2025-04-11T00:51:21.963
Deferred
CVSSv2: 4.0 (MEDIUM)
AV:N/AC:L/Au:S/C:P/I:N/A:N
8.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | mozilla | bugzilla | 3.7 | Yes |
| Application | mozilla | bugzilla | 3.7.1 | Yes |
| Application | mozilla | bugzilla | 3.7.2 | Yes |
| Application | mozilla | bugzilla | 3.7.3 | Yes |
| Application | mozilla | bugzilla | 4.0 | Yes |
| Application | mozilla | bugzilla | 4.0 | Yes |
| Application | mozilla | bugzilla | 4.0 | Yes |
| Application | mozilla | bugzilla | 4.0.1 | Yes |
| Application | mozilla | bugzilla | 4.0.2 | Yes |
| Application | mozilla | bugzilla | 4.0.3 | Yes |
| Application | mozilla | bugzilla | 4.0.4 | Yes |
| Application | mozilla | bugzilla | 4.0.5 | Yes |
| Application | mozilla | bugzilla | 4.0.6 | Yes |
| Application | mozilla | bugzilla | 4.0.7 | Yes |
| Application | mozilla | bugzilla | 4.0.8 | Yes |
| Application | mozilla | bugzilla | 4.1 | Yes |
| Application | mozilla | bugzilla | 4.1.1 | Yes |
| Application | mozilla | bugzilla | 4.1.2 | Yes |
| Application | mozilla | bugzilla | 4.1.3 | Yes |
| Application | mozilla | bugzilla | 4.2 | Yes |
| Application | mozilla | bugzilla | 4.2 | Yes |
| Application | mozilla | bugzilla | 4.2 | Yes |
| Application | mozilla | bugzilla | 4.2.1 | Yes |
| Application | mozilla | bugzilla | 4.2.2 | Yes |
| Application | mozilla | bugzilla | 4.2.3 | Yes |
| Application | mozilla | bugzilla | 4.3 | Yes |
| Application | mozilla | bugzilla | 4.3.1 | Yes |
| Application | mozilla | bugzilla | 4.3.2 | Yes |
| Application | mozilla | bugzilla | 4.3.3 | Yes |