2 matches found
CVE-2021-1492
The CVE-2021-1492 issue affects the Duo Authentication Proxy installer prior to version 5.2.1. The root cause is improper validation of file installation paths, allowing a local attacker to coerce the installer into writing to arbitrary privileged directories during new installations. Consequence...
CVE-2023-20207
CVE-2023-20207 affects Cisco Duo Authentication Proxy. The issue is in the logging component, where certain unencrypted credentials are stored, allowing an authenticated, remote attacker to view sensitive information in clear text by accessing logs. Impact is sensitive data disclosure (credential...