Avantra Insertion of Sensitive Information into Log File Vulnerability

Vulnerability

A vulnerability exists in Avantra prior to version 25.3.0 for both Linux and Windows platforms, allowing the insertion of sensitive information into log files. This issue can lead to resource leak exposure.

Impact

This vulnerability has a high impact on integrity, allowing unauthorized modification of log file contents, and a low impact on confidentiality and availability.

Remediation

Users are advised to upgrade to Avantra version 25.3.x. Additionally, it is recommended to review the permissions of the Avantra Agent user and the Avantra UI, ensuring that non-administrative users do not have the 'Download Agent Log Files' permission.

Added: May 26, 2026, 4:08 PM
Updated: May 26, 2026, 4:08 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 4.5
remediation: 0.0
relevance: 9.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.