PT-2022-7021 · Qnap · Qvr Pro Client

Runzi Zhao · Published 2022-03-21 · Updated 2023-09-13 · CVE-2022-27599

CVSS v3.1

6.7 (Medium)

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

QVR Pro Client versions prior to 2.3.0.0420

Description

The issue is related to insufficient protection of registration data in QVR Pro Client, which may allow an attacker to gain unauthorized access to protected information. A vulnerability involving the insertion of sensitive information into a log file has been reported, potentially providing local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors.

Recommendations

For QVR Pro Client versions prior to 2.3.0.0420, update to version 2.3.0.0420 or later to resolve the issue. As a temporary workaround, consider restricting access to the log file to minimize the risk of exploitation.

Fix

Insertion into Log File

Weakness Enumeration

Related Identifiers

BDU:2023-06622
CVE-2022-27599

Affected Products

Qvr Pro Client