2 matches found
CVE-2020-13881
CVE-2020-13881 affects pam_tacplus where the TACACS+ shared secret is logged via journald/syslog when DEBUG is enabled. The initial description notes logging of the shared secret for versions 1.3.8–1.5.1. Connected advisories confirm affected packages and provide remediation: Debian/Ubuntu adviso...
CVE-2020-24333
The CVE-2020-24333 issue affects Arista’s CloudVision Portal (CVP) prior to 2020.2, where users with read-only or higher access to the Configlet Management module can download files not intended for access via a specific API. The vulnerability’s impact is the exposure of server-hosted files to au...