CVE-2022-27893 – The Foundry Magritte plugin osisoft-pi-web-connector was found to be logging in a manner that captured authentication requests.

https://notcve.org/view.php?id=CVE-2022-27893

The Foundry Magritte plugin osisoft-pi-web-connector versions 0.15.0 - 0.43.0 was found to be logging in a manner that captured authentication requests. This vulnerability is resolved in osisoft-pi-web-connector version 0.44.0. Se descubrió que el complemento Foundry Magritte osissoft-pi-web-connector versiones 0.15.0 - 0.43.0 registraba de una manera que capturaba las solicitudes de autenticación. Esta vulnerabilidad se resuelve en osisoft-pi-web-connector versión 0.44.0. • https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-03.md • CWE-532: Insertion of Sensitive Information into Log File •