CVE-2024-12057
Dec. 9, 2024, 7:15 p.m.
Tags
Product(s) Impacted
PcVue Web
Description
User credentials (login & password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end. By exploiting this vulnerability, an attacker could retrieve the credentials of a user by accessing the Log File. Successful exploitation of this vulnerability could lead to unauthorized access to the application.
Weaknesses
CWE-532
Insertion of Sensitive Information into Log File
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
CWE ID: 532Date
Published: Dec. 9, 2024, 7:15 p.m.
Last Modified: Dec. 9, 2024, 7:15 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932