Описание
Insertion of Sensitive Information into Log File (CWE-532) in the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on Windows platforms allows a local attacker to obtain plaintext credentials via reading TRACE log files containing serialized JSON with passwords.
Уязвимые конфигурации
Конфигурация 1Версия до 2.0.4 (включая)
Одновременно
cpe:2.3:a:axxonsoft:axxon_one:*:*:*:*:*:windows:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 5%
0.00021
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-532
Связанные уязвимости
CVSS3: 5.5
github
5 месяцев назад
Insertion of Sensitive Information into Log File (CWE-532) in the ARP Agent component in AxxonSoft Axxon One / AxxonNet 2.0.4 and earlier on Windows platforms allows a local attacker to obtain plaintext credentials via reading TRACE log files containing serialized JSON with passwords.
EPSS
Процентиль: 5%
0.00021
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-532