Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in SecurEnvoy SecurAccess 9.3.502. When put in Debug mode and used for RDP connections, the application stores the emergency credentials in cleartext in the logs (present in the DEBUG folder) that can be accessed by anyone. NOTE: The vendor disputes this as a vulnerability since the disclosure of a local account password (actually an alpha numeric passcode) is achievable only when a custom registry key is added to the windows registry. This action requires administrator access and the registry key is only provided by support staff at securenvoy to troubleshoot customer issues.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SecurEnvoy SecurAccess 日志信息泄露漏洞
Vulnerability Description
Securenvoy SecurEnvoy SecurAccess是英国SecurEnvoy(Securenvoy)公司的一种基于手机的无令牌两因素身份验证,适用于 VPN、SSL、远程桌面、WiFi、Web 门户和笔记本电脑加密。 SecurEnvoy SecurAccess 9.3.502版本中存在日志信息泄露漏洞,该漏洞源于网络系统或产品的日志文件非正常输出。
CVSS Information
N/A
Vulnerability Type
N/A