CVE-2022-27599

MEDIUM Year: 2022
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-532
View all →

Vulnerability Description

An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors. We have already fixed the vulnerability in the following version: Windows 10 SP1, Windows 11, Mac OS, and Mac M1: QVR Pro Client 2.3.0.0420 and later

Related Vulnerabilities

CVE-2017-1795

MEDIUM
CVSS:4.4(Medium)

IBM WebSphere MQ 7.5, 8.0, and 9.0 through 9.0.4 could allow a local user to obtain highly sensitive information via trace logs in IBM WebSphere MQ Managed File Transfer. IBM X-Force ID: 137042.

CWE-5322017

CVE-2018-16859

MEDIUM
CVSS:4.4(Medium)

Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user wi...

CWE-5322018

CVE-2018-1788

MEDIUM
CVSS:4.4(Medium)

IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace logs to a local privileged user. IBM X-Force ID: 148873.

CWE-5322018

CVE-2018-2440

MEDIUM
CVSS:4.4(Medium)

Under certain circumstances SAP Dynamic Authorization Management (DAM) by NextLabs (Java Policy Controller versions 7.7 and 8.5) exposes sensitive information in the application logs.

CWE-5322018

CVE-2019-4225

MEDIUM
CVSS:4.4(Medium)

IBM PureApplication System 2.2.3.0 through 2.2.5.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 159242.

CWE-5322019

CVE-2019-4284

MEDIUM
CVSS:4.4(Medium)

IBM Cloud Private 2.1.0 , 3.1.0, 3.1.1, and 3.1.2 could allow a local privileged user to obtain sensitive OIDC token that is printed to log files, which could be used to log in to the system as anothe...

CWE-5322019