Vulnerability Details CVE-2024-25654
Insecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allow members (with local access to the UMP application server) to access credentials to authenticate to all services, and to decrypt sensitive data stored in the database.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.8%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2024-25654
-
cpe:2.3:a:avsystem:unified_management_platform:23.07.0.16567