Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and application_secret) in log files.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://zammad.com/en/advisories/zaa-2024-05 |
History
Thu, 12 Dec 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-532 | |
Metrics |
cvssV3_1
|
Mon, 09 Dec 2024 03:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and application_secret) in log files. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-12-09T00:00:00
Updated: 2024-12-12T17:15:13.116Z
Reserved: 2024-12-09T00:00:00
Link: CVE-2024-55578
Vulnrichment
Updated: 2024-12-12T17:15:05.613Z
NVD
Status : Awaiting Analysis
Published: 2024-12-09T03:15:04.530
Modified: 2024-12-12T18:15:27.533
Link: CVE-2024-55578
Redhat
No data.