Fortra's RSEA Vulnerability Exposes FTP Credentials

CVE-2024-8264

5.5MEDIUM

Key Information

Vendor
Fortra
Status
Robot Schedule
Vendor
CVE Published:
9 October 2024

Summary

Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the agent log file when detailed logging is enabled.

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

Collectors

NVD Database
.