Sensitive Information Exposure in M-Files Server Federated Authentication Logging
CVE-2021-41808 · LOW Severity
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated authentication to event log wrote sensitive information to log. Mitigating factors are logging is disabled by default.
Learn more about our Cis Benchmark Audit For Server Software.