What the vulnerability does
01Description
Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties.
CVSS base score
8.1/10
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Key dates
02Disclosure timeline
August 12, 2025
CVE published
August 12, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2021-32817 File disclosure in express-hbs
CVE-2024-39683 ZITADEL Vulnerable to Session Information Leakage
CVE-2024-29840 Broken Access control on DESKTOP_EDIT_USER_GET_PIN_FIELDS in Evolution Controller allows unauthenticated attackers to retrieve PIN field values
CVE-2018-0140
CVE-2025-9774 RemoteClinic edit-patient.php information disclosure
