Back to search
CVE-2024-12057
Published: Dec 9, 2024
Modified: Mar 21, 2025
PUBLISHED
Description
User credentials (login & password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end. By exploiting this vulnerability, an attacker could retrieve the credentials of a user by accessing the Log File. Successful exploitation of this vulnerability could lead to unauthorized access to the application.
| Vendor | Product | Versions |
|---|---|---|
arcinfo | PcVue | affected 16.0.0 - < 16.2.4affected 15.0.0 - < 15.2.11 |
Weaknesses (CWE)
References
https://www.pcvue.com/security/#SB2024-6
vendor-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now