Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can allow an attacker to enumerate usernames.
https://www.beyondtrust.com/trust-center/security-advisories/BT24-06
https://www.beyondtrust.com/trust-center/security-advisories/BT24-06