CVE-2024-0912 – CCURE passwords exposed to administrators

https://notcve.org/view.php?id=CVE-2024-0912

05 Jun 2024 — Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions En determinadas circunstancias, Microsoft® Internet Information Server (IIS) utilizado para alojar el servidor web C•CURE 9000 registrará los detalles de las credenciales de Microsoft Windows en los registros. No hay ningún impacto en las interfaces de serv... • https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-03 • CWE-532: Insertion of Sensitive Information into Log File •