CVE-2025-34155

UNKNOWN 0.0

Tibbo AggreGate Network Manager < 6.40.05 Login Functionality User Enumeration

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Tibbo AggreGate Network Manager < 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can facilitate user enumeration and increase the likelihood of targeted brute-force or credential-stuffing attacks.

CWE	CWE-204
Vendor	tibbo systems
Product	aggregate network manager
Published	Oct 23, 2025
Last Updated	May 14, 2026

Stay Ahead of the Next One

Get instant alerts for tibbo systems aggregate network manager

Be the first to know when new unknown vulnerabilities affecting tibbo systems aggregate network manager are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Tibbo Systems / AggreGate Network Manager

0 < 6.40.05

References

NVD ↗ CVE.org ↗ EPSS Data ↗

aggregate.digital: https://aggregate.digital/downloads.html aggregate.digital: https://aggregate.digital/products/network-manager.html vulncheck.com: https://www.vulncheck.com/advisories/tibbo-aggregate-network-manager-login-functionality-user-enumeration

Credits

Alex Williams from Pellera Technologies