CVE-2024-8264
MEDIUMFortra's Robot Schedule Enterprise Agent <3.05 - Info Disclosure
Title source: llmDescription
Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the agent log file when detailed logging is enabled.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
https://www.fortra.com/security/advisories/product-security/fi-2024-012
Release Notes release-notes
https://hstechdocs.helpsystems.com/releasenotes/Content/_ProductPages/Robot/RobotScheduleEnterprise.htm
Scores
CVSS v3
5.5
EPSS
0.0018
EPSS Percentile
7.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-532
Status
published
Products (1)
fortra/robot_schedule
1.24 - 3.05
Published
Oct 09, 2024
Tracked Since
Feb 18, 2026