Cleartext User Password and PSK Leakage in Stormshield SSO Agent Installer Log File
CVE-2022-22703 · MEDIUM Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer.
Learn more about our User Device Pen Test.