The Cybernews investigative team recently found that Safran, a worldwide aviation firm with headquarters in France, was leaking critical data as a result of incorrect system settings.
The company was exposed to a long-term danger of cyberattacks because of the vulnerability.
When Cybernews contacted Safran Group about the leak discovered by researchers, the misconfiguration had already been corrected.
The JSON Web Token (JWT) key, MySQL credentials, and Simple Mail Transfer Protocol (SMTP) credentials for the "no-reply" email were among the sensitive data that were stolen.
Source: https://securityaffairs.com/143505/security/safran-group-leaks-sensitive-data.html
"id": "SAF04481023",
"linkid": "safran",
"type": "Data Leak",
"date": "03/2023",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"