Vulnerabilities > DUO
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-12 | CVE-2023-20207 | Cleartext Storage of Sensitive Information vulnerability in DUO Authentication Proxy 5.8.1/6.0.0 A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability exists because certain unencrypted credentials are stored. | 6.5 |
| 2021-03-25 | CVE-2021-1492 | Windows Shortcut Following (.LNK) vulnerability in DUO Authentication Proxy The Duo Authentication Proxy installer prior to 5.2.1 did not properly validate file installation paths. | 7.1 |
| 2020-07-20 | CVE-2020-3442 | Cleartext Transmission of Sensitive Information vulnerability in DUO Duoconnect 1.0.0/1.1.0 The DuoConnect client enables users to establish SSH connections to hosts protected by a DNG instance. | 5.7 |