Information Exposure in Bootstrap.log File Allows Administrator Password Hash Retrieval

Information Exposure in Bootstrap.log File Allows Administrator Password Hash Retrieval

CVE-2019-16116 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in the Bootstrap.log file. This allows an attacker to obtain the administrator password hash.

Learn more about our Cis Benchmark Audit For Server Software.