cve/2020/CVE-2020-35398.md

### [CVE-2020-35398](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35398)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

An issue was discovered in UTI Mutual fund Android application 5.4.18 and prior, allows attackers to brute force enumeration of usernames determined by the error message returned after invalid credentials are attempted.

### POC

#### Reference
- https://cvewalkthrough.com/cve-2020-35398-uti-mutual-fund-android-application-username-enumeration/

#### Github
No PoCs found on GitHub currently.
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2020-35398](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35398)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`An issue was discovered in UTI Mutual fund Android application 5.4.18 and prior, allows attackers to brute force enumeration of usernames determined by the error message returned after invalid credentials are attempted.`

			`### POC`

			`#### Reference`
			`- https://cvewalkthrough.com/cve-2020-35398-uti-mutual-fund-android-application-username-enumeration/`

			`#### Github`
			`No PoCs found on GitHub currently.`