75 matches found
Cisco Duo 安全漏洞
Cisco Duo is a fully managed solution from Cisco, Inc. providing secure access to your applications and data. A security vulnerability exists in Cisco Duo that stems from a flaw in the logging component of the authentication agent that could allow an authenticated, remote attacker to view sensiti...
CVE-2023-1711
CVE-2023-1711 affects Hitachi Energy FOXMAN-UN and UNEM logging components. Affected products/versions include FOXMAN-UN: R9C, R10C, R11A, R11B, R14A, R14B, R15A, R15B, R16A and UNEM: R9C, R10C, R11A, R11B, R14A, R14B, R15A, R15B, R16A. The vulnerability is described as improper output neutraliza...
PT-2023-8824 · Unem +1 · Unem +1
Name of the Vulnerable Software and Affected Versions: FOXMAN-UN versions R9C through R16A UNEM versions R9C through R16A Description: A vulnerability exists in the FOXMAN-UN and UNEM logging component, affecting systems that use remote authentication to the network elements. If exploited, an...
SUSE CVE-2017-3317
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Logging. Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQ...
Information Disclosure
rh-mysql80-mysql is vulnerable to information disclosure. The vulnerability exists in the Server: Logging component, allowing an attacker to access critical data or complete access to all MySQL Server accessible data through the multiple protocol...
PT-2022-6728 · Cisco · Cisco Duo Authentication Proxy
Name of the Vulnerable Software and Affected Versions: Cisco Duo Authentication Proxy affected versions not specified Description: A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an authenticated, remote attacker to view sensitive information in clear text o...
Design/Logic Flaw
A vulnerability in the logging component of Cisco Adaptive Security Device Manager ASDM could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. Cisco ADSM must be deployed in a shared workstation environment for this issue to be exploited...
CVE-2022-20651
CVE-2022-20651 describes an information-disclosure in the Cisco ASDM logging component. An authenticated, local attacker could access logs on a shared workstation and read unencrypted credentials stored there, leaking other users’ credentials. The issue is tied to how ASDM logs store sensitive da...
The vulnerability of the logging component of Cisco Expressway micro-programming software and the Cisco TelePresence Video Communication Server micro-programming software for call management devices allows a perpetrator to disclose protected information.
The vulnerability of the logging component of Cisco Expressway microprogramming software and the Cisco TelePresence Video Communication Server microprogramming software management device relates to the disclosure of information through registration files. Exploiting this vulnerability can allow a...
JULI logging component in Apache Tomcat does not restrict certain permissions for web applications
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by...
CVE-2022-21460
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Logging. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
PT-2022-3048 · Oracle +8 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.37 and prior MySQL Server versions 8.0.28 and prior Description: The issue is related to insufficient input validation in the Server: Logging component of MySQL Server, allowing a high-privileged attacker with networ...
PT-2022-1420 · Cisco · Cisco Adaptive Security Device Manager
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Device Manager ASDM affected versions not specified Description: The issue is related to insufficient protection of registration data in the logging component of Cisco Adaptive Security Device Manager ASDM. This could...
UBUNTU-CVE-2021-35633
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Logging. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...
CVE-2020-15279
An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion paths. This issue was discovered during external security research...
Improper access control
An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion paths. This issue was discovered during external security research...
PT-2021-9743 · Bitdefender · Bitdefender Endpoint Security Tools For Windows
Name of the Vulnerable Software and Affected Versions: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 Description: An Improper Access Control issue in the logging component allows a regular user to learn the scanning exclusion paths. This issue was discovered during...
Cisco Unified Communications Products Information Disclosure Vulnerability
A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, Cisco Emergency Responder, and Cisco Prime License Manager...
The vulnerability of the Logging component of the Oracle Hospitality OPERA 5 Property Services software solution allows a hacker to gain full control over the application.
The vulnerability of the Logging component in the Oracle Hospitality OPERA 5 Property Services software solution relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain full control over the application through the HTTP network protocol...
The vulnerability of the Logging component in the Oracle Hospitality OPERA 5 Property Services software solution allows a malicious individual to gain unauthorized access to protected information or to modify, add, or delete data.
The vulnerability of the Logging component in the Oracle Hospitality OPERA 5 Property Services software solution relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or to modify, add, or delet...