exploitDog

GHSA-mmc8-8j7m-rcwj

Опубликовано: 12 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 2.4

Описание

A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in exposure of user credentials in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these credentials are exposed to recipients of the application logs.

A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in exposure of user credentials in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these credentials are exposed to recipients of the application logs.

Ссылки

EPSS

Процентиль: 4%

0.00018

Низкий

2.4 Low

CVSS4

CVE ID

Дефекты

CWE-532

Связанные уязвимости

CVE-2025-4234

nvd

5 месяцев назад

A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in exposure of user credentials in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these credentials are exposed to recipients of the application logs.

BDU:2025-16022

CVSS3: 3.2

fstec

5 месяцев назад

Уязвимость пакета Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack, связанная с недостаточной защитой регистрационных данных, позволяющая нарушителю получить несанкционированный доступ к учетным данным пользователя

EPSS

Процентиль: 4%

0.00018

Низкий

2.4 Low

CVSS4

CVE ID

Дефекты

CWE-532