CVE Vulnerabilities

CVE-2024-13416

Insertion of Sensitive Information into Log File

Published: Feb 06, 2025 | Modified: Feb 21, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Using API in the 2N OS device, authorized user can enable logging, which discloses valid authentication tokens in system log.

2N has released an updated version 2.46 of 2N OS, where this vulnerability is mitigated. It is recommended that all customers update their devices to the latest 2N OS.

Weakness

The product writes sensitive information to a log file.

Potential Mitigations

References