Fortra Application Hub Sensitive Information Disclosure Vulnerability
Vulnerability
A vulnerability exists in Fortra Application Hub (formerly Helpsystems One) versions prior to 1.3, where under certain log settings, the IAM or CORE service may inadvertently log credentials in the IAM logfile. This issue is classified as sensitive information disclosure, allowing unauthorized access to logged credentials.
Impact
Exploitation of this vulnerability could lead to unauthorized disclosure of sensitive information, specifically credentials, through the application's log files.
Remediation
Users are advised to upgrade to Fortra Application Hub version 1.3. As a mitigation measure, avoid using trace level logging in Fortra Application Hub.
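To check whether log files written while trace logging was enabled already contain credentials, a scan such as the following reports the affected lines with the secret values masked. This is an added example, not Fortra's code; the log line layout, the key names it matches and the sample lines are assumptions constructed for illustration.

```python
import re
import sys

# Assumed layout (not Fortra's documented format): "<timestamp> <LEVEL> <service> <message>"
LEVEL_RE = re.compile(r"\b(TRACE|DEBUG|INFO|WARN|ERROR)\b")
# Credential-looking key/value pairs; the key names are assumptions.
CRED_RE = re.compile(
    r"""(?P<key>pass(?:word|wd)?|secret|token|api[_-]?key|authorization)
        (?P<sep>["']?\s*[:=]\s*["']?)
        (?P<value>(?:(?:basic|bearer)\s+)?[^\s"',;&}]+)""",
    re.IGNORECASE | re.VERBOSE,
)

# Constructed sample lines, not taken from a real Application Hub log.
SAMPLE = [
    "2024-01-10T09:00:01Z INFO  iam Login succeeded for user=alice",
    '2024-01-10T09:00:02Z TRACE iam POST /login body={"username":"alice","password":"S3cr3t!Example"}',
    "2024-01-10T09:00:03Z TRACE core upstream header Authorization: Basic YWxpY2U6ZXhhbXBsZQ==",
    "2024-01-10T09:00:04Z WARN  iam password policy check skipped",
]

def scan(lines):
    """Return (line_no, level, key, redacted_line) for each line holding a credential."""
    findings = []
    for no, line in enumerate(lines, 1):
        hit = CRED_RE.search(line)
        if hit is None:
            continue
        level = LEVEL_RE.search(line)
        # Never echo the secret itself: mask every matched value before reporting.
        redacted = CRED_RE.sub(
            lambda m: m.group("key") + m.group("sep") + "[REDACTED]", line.rstrip("\n"))
        findings.append((no, level.group(1) if level else "UNKNOWN",
                         hit.group("key").lower(), redacted))
    return findings

def trace_line_numbers(lines):
    """Line numbers logged at TRACE level, the setting the advisory says to avoid."""
    return [no for no, line in enumerate(lines, 1)
            if (m := LEVEL_RE.search(line)) and m.group(1) == "TRACE"]

if __name__ == "__main__":
    # With a path argument that file is scanned; otherwise the constructed sample is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], errors="replace") as fh:
            lines = fh.readlines()
    else:
        lines = SAMPLE
    for no, level, key, redacted in scan(lines):
        print(f"line {no} [{level}] {key}: {redacted}")
    print("TRACE lines:", trace_line_numbers(lines))
```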
