The-Magician

**Name of the Vulnerable Software and Affected Versions** pam tacplus versions 1.3.8 through 1.5.1 **Description** The issue concerns the logging of the TACACS+ shared secret via syslog when the DEBUG loglevel and journald are used. This occurs in the support.c file of pam tacplus. **Recommendations** For pam tacplus versions 1.3.8 through 1.5.1, consider disabling the DEBUG loglevel or journald to prevent the TACACS+ shared secret from being logged via syslog until a patch is available.