Vulnerabilities > Cisco > DUO Authentication FOR Windows Logon AND RDP > 4.2.2

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-06	CVE-2024-20292	Cleartext Storage of Sensitive Information vulnerability in Cisco DUO Authentication for Windows Logon and RDP A vulnerability in the logging component of Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. local low complexity cisco CWE-312	5.5
2024-03-06	CVE-2024-20301	Insufficient Session Expiration vulnerability in Cisco DUO Authentication for Windows Logon and RDP 4.2.2 A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device. low complexity cisco CWE-613	6.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.