CVE-2021-26908 Automox Agent Sensitive Log Information Disclosure

Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent...

CVE-2021-26909 Automox Agent Guessable S3 Bucket Endpoint

Automox Agent prior to version 31 uses an insufficiently protected S3 bucket endpoint for storing sensitive files, which could be brute-forced by an attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent...

Automox Alive Automox Agent 安全特征问题漏洞

Automox Alive Automox Agent is an application from the Automox Alive community. An agent software. An Access Control Error vulnerability exists in versions prior to Automox Agent 31 that stems from the use of inadequately protected S3 bucket endpoints to store sensitive files, which can be...

Automox Alive Automox Agent 日志信息泄露漏洞

Automox Alive Automox Agent is an application from the Automox Alive community. An agent software. A log information disclosure vulnerability exists in versions prior to Automox Agent 31, which stems from logging potentially sensitive information in local log files. No details of the vulnerabilit...

CVE-2021-26908 and CVE-2021-26909: Automox Agent Information Disclosure (FIXED)

Rapid7 researcher Danny Jordan discovered two vulnerabilities in the Automox Agent for Windows and macOS, which could result in information disclosure issues involving the Automox infrastructure. CVE-2021-26908 describes a vulnerability where Automox Agent improperly logs sensitive information on...