Description
In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center (TAC) to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration changes made using the provisioning server or the device WebUI.
CVSS Metrics
- Vector
- CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Attack Vector
- network
- Complexity
- low
- Privileges
- high
- User Action
- active
- Confidentiality
- undefined
- Integrity
- undefined
- Availability
- undefined
- Weaknesses
- CWE-532
Metadata
- Primary Vendor
- HP
- Published
- 12/16/2025
- Last Modified
- 12/18/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
hp : poly_videooshp : poly_tcos
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.