CVSS 3.1 Score 6.5 of 10 (medium)


Published Jul 12, 2023
Updated: Jan 25, 2024
CWE ID 312
CWE ID 532


CVE-2023-20207 is a vulnerability in the logging component of Cisco Duo Authentication Proxy. It affects the products sEfBhG and sEfBhF. An authenticated, remote attacker could exploit this vulnerability to view sensitive information in clear text on an affected system by accessing the logs and obtaining unencrypted credentials. The danger posed by this vulnerability is high as it allows unauthorized access to sensitive information. The CVSS score for this vulnerability is 6.5, indicating a medium severity level. To remediate this issue, users should update to the latest version of Cisco Duo Authentication Proxy that addresses this vulnerability.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-20207 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options