Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain administrator access to all data, because verbose logging writes the administrator password to a world-readable file.
The product writes sensitive information to a log file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Moneyworks | Cognito | * | 8.0.3 (including) |