Описание
Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user can use the sensitive information to download data and impersonate another user.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
EPSS
8.4 High
CVSS3
7.8 High
CVSS3
Дефекты
Связанные уязвимости
Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user can use the sensitive information to download data and impersonate another user.
EPSS
8.4 High
CVSS3
7.8 High
CVSS3