PT-2023-19064 · Unknown+1 · Terminalfour+1
Published
2023-04-12
·
Updated
2025-02-10
·
CVE-2023-23591
CVSS v3.1
4.9
Medium
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Terminalfour versions prior to 8.2.18.7
Terminalfour versions prior to 8.2.18.2.2
Terminalfour versions prior to 8.3.11.1
Terminalfour versions prior to 8.3.14.1
Description
The Logback component in Terminalfour allows OS administrators to obtain sensitive information from application server logs when debug logging is enabled.
Recommendations
For versions prior to 8.2.18.7, update to version 8.2.18.7 or later.
For versions prior to 8.2.18.2.2, update to version 8.2.18.2.2 or later.
For versions prior to 8.3.11.1, update to version 8.3.11.1 or later.
For versions prior to 8.3.14.1, update to version 8.3.14.1 or later.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Logback
Terminalfour