syslog security issue

Home Forums iSMS syslog security issue

Tagged: 

Viewing 1 post (of 1 total)
  • Author
    Posts
  • March 22, 2016 at 9:21 am #11938
    Willem D’Haese
    Participant

    Hello,

    I wanted to let you know that the syslog functionality has some serious flaws. Most of the logs do not contain any useful info, there is no way to specify what level of logs to send.
    And the biggest flaw of all => When a user logs in, the password is sent in cleartext to the syslog server.

    All of the above makes this functionality completely unusable. Please consider fixing at least the clear-text password.

    Grtz

    Willem

  • Author
    Posts
Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.