CVE-2024-48852

Name of the Vulnerable Software and Affected Versions: FLEXON versions <= 9.3.4

Description: The issue is related to the insertion of sensitive information into log files, potentially leading to improper disclosure of certain information through https access. This could allow a remote attacker to bypass security restrictions and gain unauthorized access to protected information by sending specially crafted HTTPS requests.

Recommendations: For FLEXON versions <= 9.3.4, consider disabling the logging of sensitive information to minimize the risk of exploitation until a patch is available. Restrict access to the log files to prevent unauthorized disclosure of sensitive information. Avoid using https access to sensitive areas of the system until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.