Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cato Networks Windows SDP Client Sensitive data in trace logs can lead to account takeover
Vulnerability Description
A vulnerability in Cato Networks SDP Client on Windows allows the insertion of sensitive information into the log file, which can lead to an account takeover. However, the attack requires bypassing protections on modifying the tunnel token on a the attacker's system.This issue affects SDP Client: before 5.10.34.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
通过日志文件的信息暴露
Vulnerability Title
Cato Networks Windows SDP Client 安全漏洞
Vulnerability Description
Cato Networks Windows SDP Client是以色列Cato Networks公司的一款安全的远程访问软件。 Cato Networks Windows SDP Client 5.10.28之前版本存在安全漏洞,该漏洞源于允许将敏感信息插入到日志文件中,可能导致帐户接管。
CVSS Information
N/A
Vulnerability Type
N/A