I have a doubt I would want you to please help me with. I need to know whether an issue in a system could be regarded as a vulnerability.
Certain open endpoint (which is open in the sense it does not require authentication of any kind) answers, given a document type and a document number, with data from the user as his/her email, phone number, full name, work and residential addresses, and affiliation status with respect to the business of the client.
The main facts about this endpoint are:
- One can enumerate users and, by extension, no measure against brute force is made.
- The endpoint’s performace decreases as the number of concurrent users/requests increase. The whole server even crashes with a small (<100) number of requests. The application desires to service any Internet user.
- The data from the users is not taken from a public/government database, given that when known (real) documents are searched for, they seem to be missing.
Are there vulnerabilities? If we can say so, which finding(s) would you use to describe them?
Thanks in advance.