CVE-2023-20207

A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability exists because certain unencrypted credentials are stored. An attacker could exploit this vulnerability by accessing the logs on an affected system and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to view sensitive information in clear text.

Severity	MEDIUM
CVSS	4.9
CWE	CWE-532
KEV
Published	2 years ago
Modified	1 year ago

Related Products

Product	Advisory
Cisco Nexus Dashboard	cisco-sa-duo-auth-info-JgkSWBLz
Cisco Catalyst PON Series Switches	cisco-sa-duo-auth-info-JgkSWBLz
Cisco Application Centric Infrastructure Virtual Edge	cisco-sa-duo-auth-info-JgkSWBLz
Cisco Duo Authentication Proxy	cisco-sa-duo-auth-info-JgkSWBLz
Cisco Duo	cisco-sa-duo-auth-info-JgkSWBLz