Sync-in Server Username Enumeration Vulnerability via Timing Attack
Vulnerability
A logic flaw in the Sync-in Server authentication API endpoint prior to version 2.2.0 allows unauthenticated remote attackers to enumerate valid usernames by measuring response times: login requests for existing accounts take noticeably longer to process than requests for non-existent ones. The resulting list of valid accounts makes targeted brute-force and social engineering attacks easier.
Impact
Exploitation of this vulnerability yields a list of valid usernames. Knowing which accounts exist lets an attacker confine a password-guessing campaign to real accounts, and target those users with phishing or other social engineering. The flaw does not by itself grant access; it removes the guesswork that otherwise slows such attacks.
Reproduction
The vulnerability can be reproduced by sending authentication requests to the '/api/auth/login' endpoint with various usernames (any password will do). Requests for valid usernames are answered after approximately 350-400 milliseconds, while requests for invalid usernames are answered in about 95-100 milliseconds. A gap of this size is consistent with a login handler that returns early, without running the password-hash comparison, when no account matches the submitted username. Because the gap is several times larger than typical network jitter, a few requests per username and a comparison of median response times is enough to classify usernames reliably; including a few random, certainly-invalid names in the probe gives a baseline for the fast path.
Remediation
Users should upgrade to Sync-in Server version 2.2.0 or later, which addresses this vulnerability. Until the upgrade is applied, rate-limiting the login endpoint slows enumeration but does not remove the timing signal.
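The following added example illustrates both the reproduction and the shape of the fix. It is not Sync-in Server code: two simulated login handlers stand in for the pre-2.2.0 endpoint (early return when the user is unknown) and the corrected endpoint (always run the password hash, compare against a dummy hash for unknown users), and a small probe shows how median response times separate valid from invalid usernames. PBKDF2, the user store, the salt and the iteration count are all constructed stand-ins for whatever the real server uses; against a live target the probe loop would send HTTP POSTs to /api/auth/login instead of calling a local function.

```python
"""Added illustration for the Sync-in timing-based username enumeration.

NOT Sync-in Server code. Two simulated login handlers stand in for the
pre-2.2.0 and fixed endpoint; a probe shows how response timing separates
valid from invalid usernames and how the fix removes the signal. PBKDF2
stands in for whatever password hash the real server uses.
"""
import hashlib
import hmac
import statistics
import time
from typing import Callable, Dict, Iterable, List, Set

# Constructed user store; salt and iteration count are illustrative only.
_SALT = b"constructed-salt"
_ITERATIONS = 50_000

KDF_CALLS = {"count": 0}  # counts how often the expensive hash runs


def kdf(password: str) -> bytes:
    """Deliberately slow password hash (the extra work behind the slow responses)."""
    KDF_CALLS["count"] += 1
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, _ITERATIONS)


USERS: Dict[str, bytes] = {"alice": kdf("correct horse"), "bob": kdf("battery staple")}
# Hash compared against when the username is unknown, so that path costs the same.
DUMMY_HASH = kdf("dummy-password")


def login_vulnerable(username: str, password: str) -> bool:
    """Pre-fix shape: an unknown user returns before the hash runs (fast path)."""
    stored = USERS.get(username)
    if stored is None:
        return False
    return hmac.compare_digest(kdf(password), stored)


def login_hardened(username: str, password: str) -> bool:
    """Fixed shape: always run the hash and the comparison, then decide."""
    stored = USERS.get(username)
    candidate = kdf(password)
    matched = hmac.compare_digest(candidate, stored if stored is not None else DUMMY_HASH)
    # A match against DUMMY_HASH must never count as a successful login.
    return matched and stored is not None


def kdf_calls(handler: Callable[[str, str], bool], username: str, password: str) -> int:
    """How many times the expensive hash runs for one request to `handler`."""
    KDF_CALLS["count"] = 0
    handler(username, password)
    return KDF_CALLS["count"]


def probe(handler: Callable[[str, str], bool], usernames: Iterable[str],
          samples: int = 5) -> Dict[str, List[float]]:
    """Time `samples` requests per username, each with a wrong password."""
    timings: Dict[str, List[float]] = {}
    for user in usernames:
        runs = []
        for _ in range(samples):
            start = time.perf_counter()
            handler(user, "not-the-password")
            runs.append(time.perf_counter() - start)
        timings[user] = runs
    return timings


def classify(timings: Dict[str, List[float]], ratio: float = 2.0) -> Set[str]:
    """Usernames whose median response time exceeds `ratio` x the fastest median.

    Medians absorb occasional slow samples (network jitter, GC pauses). The
    advisory's 350-400 ms vs 95-100 ms gap is a ratio of roughly 3.5-4, so a
    threshold of 2 leaves margin on both sides. Include a few random names in
    the probe so the fastest median is a genuine "unknown user" baseline.
    """
    medians = {u: statistics.median(t) for u, t in timings.items()}
    floor = min(medians.values())
    return {u for u, m in medians.items() if m > ratio * floor}


if __name__ == "__main__":
    names = ["alice", "bob", "mallory", "zz-random-baseline"]
    print("vulnerable handler leaks:", classify(probe(login_vulnerable, names)))
    print("hardened handler leaks:  ", classify(probe(login_hardened, names)))
```

Run stand-alone, the vulnerable handler reports alice and bob as valid while the hardened handler reports nothing, because both of its code paths pay the same hash cost. The dummy-hash comparison is what keeps the unknown-user path as slow as the wrong-password path; the final `stored is not None` check is the edge case that prevents the dummy hash from ever being a usable password.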
