Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
In M-Files Server product with versions before 21.11.10775.0, enabling logging of federated authentication would write sensitive information to event logs.
Vulnerability Description
In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated authentication to event log wrote sensitive information to log. Mitigating factors are logging is disabled by default.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
通过日志文件的信息暴露
Vulnerability Title
M-Files Server 日志信息泄露漏洞
Vulnerability Description
M-Files Server是M-Files公司的一个 M-Files 系统的服务器。 M-Files Server产品的21.11.10775.0之前的版本中存在安全漏洞,该漏洞源于启用联合身份验证的日志记录会将敏感信息写入事件日志。
CVSS Information
N/A
Vulnerability Type
N/A