Microsoft · Internet Information Services · CVE-2012-2531
**Name of the Vulnerable Software and Affected Versions**
Microsoft Internet Information Services (IIS) version 7.5
**Description**
The issue concerns weak permissions for the Operational log, allowing local users to discover credentials by reading this file.
**Recommendations**
For Microsoft Internet Information Services (IIS) version 7.5, consider restricting access to the Operational log to prevent local users from reading the file and discovering credentials.