Weak Permissions in IIS 7.5 Operational Log: Password Disclosure Vulnerability

CVE-2012-2531 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability."

Learn more about our Cis Benchmark Audit For Microsoft Iis.