CVE-2024-8264 MEDIUM

CVE-2024-8264: Sensitive information in agent log file when detailed logging is enabled with Robot Schedule Enterprise prior to version 3.05

Vendor Fortra
Product Robot Schedule Enterprise
Weakness CWE-532 · Sensitive info in logs
Published October 9, 2024
Last update October 10, 2024

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the agent log file when detailed logging is enabled.

Key dates

02Disclosure timeline

October 9, 2024 CVE published
October 10, 2024 Record updated