CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to obtain a victim's session file name from the /tmp directory and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to make a request from an attacker-controlled account that extracts the victim's password (for the OS and for phpMyAdmin).
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Webpanel | Control-webpanel | 0.9.8.856 (including) | 0.9.8.864 (including) |
While logging all information may be helpful during development stages, it is important that logging levels be set appropriately before a product ships so that sensitive user data and system information are not accidentally exposed to potential attackers. Different log files may be produced and stored for:
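The attack above depends on a secret (the token) having been written to the web server's access log. As an added example, not code from the page or from CWP, the script below scans access-log lines for sensitive query-string parameters and shows the complementary fix of masking those values before a request URI is logged. The log lines are constructed for the example; the combined-log-style layout, the request paths and the list of parameter names treated as sensitive are all assumptions.

```python
"""
Added example (not part of the original page or of CWP): detect secrets
that have leaked into a web-server access log, and redact request URIs
so they do not leak in the first place.

Assumptions: the log uses a combined-log-style layout, and the keys in
SENSITIVE_KEYS are the ones that must never reach a log file.
"""
import re
from urllib.parse import urlsplit

# Query-string keys that should never be logged. Assumed list; extend for
# whatever your application calls its session and credential parameters.
SENSITIVE_KEYS = {"token", "session", "sessid", "password", "passwd", "api_key"}

# One combined-log-style line:
#   client ident user [timestamp] "METHOD URI PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) (?P<proto>[^"]+)" (?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample log; none of these addresses, paths or values are real.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Aug/2019:12:00:01 +0000] "GET /index.php?token=abc123def456 HTTP/1.1" 200 512
203.0.113.5 - - [10/Aug/2019:12:00:02 +0000] "GET /index.php?module=dashboard HTTP/1.1" 200 2048
198.51.100.7 - - [10/Aug/2019:12:00:03 +0000] "POST /ajax.php?ajax=1&session=s3cr3t HTTP/1.1" 200 128
"""


def _split_query(query):
    """Split a raw query string into (key, value) pairs without decoding,
    so that re-joining the pairs reproduces the original encoding."""
    pairs = []
    for item in query.split("&"):
        if not item:
            continue
        key, _sep, value = item.partition("=")
        pairs.append((key, value))
    return pairs


def find_leaked_params(log_text):
    """Return (line_no, client, key, value) for every sensitive query
    parameter found in the request URIs of the given log text."""
    hits = []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected layout
        query = urlsplit(m.group("uri")).query
        for key, value in _split_query(query):
            if key.lower() in SENSITIVE_KEYS:
                hits.append((line_no, m.group("client"), key, value))
    return hits


def redact_uri(uri):
    """Mask sensitive query values in a request URI before it is logged.
    Keys and non-sensitive values are left byte-for-byte as they were."""
    parts = urlsplit(uri)
    if not parts.query:
        return uri
    kept = []
    for key, value in _split_query(parts.query):
        if key.lower() in SENSITIVE_KEYS:
            kept.append(f"{key}=[REDACTED]")
        else:
            kept.append(f"{key}={value}" if value or "=" in key else key)
    return parts._replace(query="&".join(kept)).geturl()


if __name__ == "__main__":
    for line_no, client, key, value in find_leaked_params(SAMPLE_LOG):
        print(f"line {line_no}: {client} leaked {key}={value}")
    print(redact_uri("/index.php?token=abc123def456&module=dashboard"))
```

Run the scan against a real access log before a panel ships, or on a schedule as a detection; any hit means a secret that was sent in a URL is now readable by anyone who can read the log, which is the condition the vulnerability above exploits. Masking at log-write time is a stop-gap: the durable fix is to stop carrying tokens in URLs at all, since they also land in browser history, proxies and Referer headers.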