CVE-2024-25654 Information

Description

Insecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allow members (with local access to the UMP application server) to access credentials to authenticate to all services and to decrypt sensitive data stored in the database.

Reference

https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25654