Описание
A vulnerability in the logging component of Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, local attacker to view sensitive information in clear text on an affected system.
This vulnerability is due to improper storage of an unencrypted registry key in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system. A successful exploit could allow the attacker to view sensitive information in clear text.
Уязвимые конфигурации
EPSS
4.4 Medium
CVSS3
5.5 Medium
CVSS3
Дефекты
Связанные уязвимости
A vulnerability in the logging component of Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of an unencrypted registry key in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system. A successful exploit could allow the attacker to view sensitive information in clear text.
Уязвимость облачной платформы для защиты приложений от доступа несанкционированных пользователей и устройств Cisco Duo для Windows, связанная с отсутствием защиты служебных данных, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
4.4 Medium
CVSS3
5.5 Medium
CVSS3