CVE-2024-42349 - FOG Server Unauthorized Login Disclosure

CVE ID : CVE-2024-42349 Published : Aug. 2, 2024, 8:17 p.m. | 2 hours, 12 minutes ago Description : FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.4 and earlier can leak authorized and rejected logins via logs stored directly on the root of the web server. FOG Server creates 2 logs on the root of the web server (fog_login_accepted.log and fog_login_failed.log), exposing the name of the user account used to manage FOG, the IP address of the computer used to login and the User-Agent. This vulnerability is fixed in 1.5.10.47. Severity: 5.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Autor

Aug 3, 2024 - 00:30

0 2

CVE-2024-42349 - FOG Server Unauthorized Login Disclosure

CVE ID : CVE-2024-42349
Published : Aug. 2, 2024, 8:17 p.m. | 2 hours, 12 minutes ago
Description : FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.4 and earlier can leak authorized and rejected logins via logs stored directly on the root of the web server. FOG Server creates 2 logs on the root of the web server (fog_login_accepted.log and fog_login_failed.log), exposing the name of the user account used to manage FOG, the IP address of the computer used to login and the User-Agent. This vulnerability is fixed in 1.5.10.47.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2024-42349 - FOG Server Unauthorized Login Disclosure

Tags:

Verwandte Beiträge

Follow Us

Popular Posts

Recommended Posts

Popular Tags