In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated authentication to event log wrote sensitive information to log. Mitigating factors are logging is disabled by default.
References
Link | Resource |
---|---|
https://www.m-files.com/about/trust-center/security-vulnerabilities/cve-2021-41808/ | Vendor Advisory |
Configurations
Information
Published : 2022-01-18 09:15
Updated : 2022-01-25 18:02
NVD link : CVE-2021-41808
Mitre link : CVE-2021-41808
JSON object : View
CWE
CWE-532
Insertion of Sensitive Information into Log File
Products Affected
m-files
- m-files_server