|Category:||Information Leak / Disclosure|
Published on 14/11/12 - Updated on 13/10/18
Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability."
CWE-200 (Information Exposure)
An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
No exploits available for this CVE in our database.