CNNVD-202508-2498 Information
CNNVD ID
CNNVD-202508-2498
Related CVE
- CNNVD Published: 2025-08-20
Description (Chinese)
Cisco Duo Authentication Proxy是美国思科(Cisco)公司的一个本地安全服务。 Cisco Duo Authentication Proxy存在信息泄露漏洞,该漏洞源于系统日志文件敏感信息掩码不足,可能导致高权限用户查看敏感信息。
Description (English)
Cisco Duo Education Proxy is a local security service of Cisco. Cisco Duo Administration Proxy has a leaky information loophole, which stems from the inadequacy of the system log file sensitive information mask, which may lead to high-permissible users viewing sensitive information.
Hazard Level
High
Vulnerability Type
信息泄露
Affected Vendor
Citadel
Published
2025-08-20
Last Modified
2026-02-24
References
https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-66682 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-authproxlog-SxczXQ63 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2 https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd36820 https://nvd.nist.gov/vuln/detail/CVE-2025-20345
Patch
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2
Share on: