The session cookies, used for authentication, are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL.
https://www.toshibatec.com/information/pdf/information20240531_01.pdf
https://www.toshibatec.com/information/20240531_01.html