Information disclosure in Arcinfo Pcvue
CVE-2024-12057
User credentials (login & password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end. By exploiting this vulnerability, an attacker cou…
EPSS: 0.001 (20.5th percentile) — read the EPSS interpretation.
Affected products
- Arcinfo Pcvue — versions 16.0.0, 15.0.0
Weakness classification (CWE)
References
- www.pcvue.com/security/ (vendor-advisory)