CVE-2021-44862

Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user can use the sensitive information to download data and impersonate another user.
Configurations

Configuration 1

cpe:2.3:a:netskope:netskope:*:*:*:*:*:*:*:*

Information

Published : 2022-11-03 08:15

Updated : 2022-11-04 01:28


NVD link : CVE-2021-44862

Mitre link : CVE-2021-44862

Products Affected
No products.
CWE
CWE-532

Insertion of Sensitive Information into Log File