Description
A vulnerability in Cato Networks SDP Client on Windows allows the insertion of sensitive information into the log file, which can lead to an account takeover. However, the attack requires bypassing protections on modifying the tunnel token on a the attacker's system.This issue affects SDP Client: before 5.10.34.
References
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.5 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
2505284f-8ffb-486c-bf60-e19c1097a90b
Vulnerability status
Analyzed
Published
2024-07-31T17:15:11.860
3 months agoLast modified
2024-08-27T15:41:15.443
2 months ago