CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1739 vulnerabilities reference this CWE, most recent first.
GHSA-93F3-23RQ-PJFP
Vulnerability from github – Published: 2020-07-07 18:56 – Updated: 2022-08-10 23:59Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like <protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>. The password value is not redacted and is printed to stdout and also to any generated log files.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "npm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.14.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-15095"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2020-07-07T18:30:59Z",
"nvd_published_at": "2020-07-07T19:15:00Z",
"severity": "MODERATE"
},
"details": "Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like `\u003cprotocol\u003e://[\u003cuser\u003e[:\u003cpassword\u003e]@]\u003chostname\u003e[:\u003cport\u003e][:][/]\u003cpath\u003e`. The password value is not redacted and is printed to stdout and also to any generated log files.",
"id": "GHSA-93f3-23rq-pjfp",
"modified": "2022-08-10T23:59:40Z",
"published": "2020-07-07T18:56:16Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/npm/cli/security/advisories/GHSA-93f3-23rq-pjfp"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15095"
},
{
"type": "WEB",
"url": "https://github.com/npm/cli/commit/a9857b8f6869451ff058789c4631fadfde5bbcbc"
},
{
"type": "WEB",
"url": "https://github.com/npm/cli/blob/66aab417f836a901f8afb265251f761bb0422463/CHANGELOG.md#6146-2020-07-07"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202101-07"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00011.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00015.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00023.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "npm CLI exposing sensitive information through logs"
}
GHSA-93F7-XVXJ-XH3R
Vulnerability from github – Published: 2022-05-24 16:51 – Updated: 2024-04-04 01:21Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1, contains a vulnerable component which logs the username and password to the billing database. A remote authenticated user with access to those logs may be able to retrieve non-sensitive information.
{
"affected": [],
"aliases": [
"CVE-2019-11273"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-23T23:15:00Z",
"severity": "MODERATE"
},
"details": "Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1, contains a vulnerable component which logs the username and password to the billing database. A remote authenticated user with access to those logs may be able to retrieve non-sensitive information.",
"id": "GHSA-93f7-xvxj-xh3r",
"modified": "2024-04-04T01:21:52Z",
"published": "2022-05-24T16:51:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11273"
},
{
"type": "WEB",
"url": "https://pivotal.io/security/CVE-2019-11273"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-93FQ-2C5R-CJ4M
Vulnerability from github – Published: 2023-05-02 09:30 – Updated: 2024-04-04 03:46Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written to the site Apache access log.
{
"affected": [],
"aliases": [
"CVE-2023-31207"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-02T09:15:10Z",
"severity": "MODERATE"
},
"details": "Transmission of credentials within query parameters in Checkmk \u003c= 2.1.0p26, \u003c= 2.0.0p35, and \u003c= 2.2.0b6 (beta) may cause the automation user\u0027s secret to be written to the site Apache access log.",
"id": "GHSA-93fq-2c5r-cj4m",
"modified": "2024-04-04T03:46:29Z",
"published": "2023-05-02T09:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31207"
},
{
"type": "WEB",
"url": "https://checkmk.com/werk/15189"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-93H4-P6C6-58PW
Vulnerability from github – Published: 2026-06-10 00:31 – Updated: 2026-06-10 00:31MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metric logging is enabled, the full authentication parameters are written to the log without redaction.
{
"affected": [],
"aliases": [
"CVE-2026-9735"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-09T23:17:03Z",
"severity": "MODERATE"
},
"details": "MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metric logging is enabled, the full authentication parameters are written to the log without redaction.",
"id": "GHSA-93h4-p6c6-58pw",
"modified": "2026-06-10T00:31:50Z",
"published": "2026-06-10T00:31:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9735"
},
{
"type": "WEB",
"url": "https://jira.mongodb.org/browse/SERVER-126506"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-93QW-8CMP-CW56
Vulnerability from github – Published: 2022-05-27 00:01 – Updated: 2022-06-08 00:00Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
{
"affected": [],
"aliases": [
"CVE-2022-20809"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-26T14:15:00Z",
"severity": "MODERATE"
},
"details": "Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",
"id": "GHSA-93qw-8cmp-cw56",
"modified": "2022-06-08T00:00:55Z",
"published": "2022-05-27T00:01:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20809"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-filewrite-bsFVwueV"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-942G-2QF9-83FP
Vulnerability from github – Published: 2022-05-17 03:01 – Updated: 2022-05-17 03:01IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive information in log files that could be available to a local user.
{
"affected": [],
"aliases": [
"CVE-2016-0296"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-02-01T20:59:00Z",
"severity": "LOW"
},
"details": "IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive information in log files that could be available to a local user.",
"id": "GHSA-942g-2qf9-83fp",
"modified": "2022-05-17T03:01:52Z",
"published": "2022-05-17T03:01:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0296"
},
{
"type": "WEB",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21993213"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/94213"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-94WV-J3JC-G3FM
Vulnerability from github – Published: 2024-11-05 12:31 – Updated: 2024-11-05 12:31Vulnerability of improper log printing in the Super Home Screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
{
"affected": [],
"aliases": [
"CVE-2024-51528"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-05T10:21:15Z",
"severity": "MODERATE"
},
"details": "Vulnerability of improper log printing in the Super Home Screen module\nImpact: Successful exploitation of this vulnerability may affect service confidentiality.",
"id": "GHSA-94wv-j3jc-g3fm",
"modified": "2024-11-05T12:31:03Z",
"published": "2024-11-05T12:31:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51528"
},
{
"type": "WEB",
"url": "https://consumer.huawei.com/en/support/bulletin/2024/11"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-95V7-JV4X-23WW
Vulnerability from github – Published: 2022-02-11 00:01 – Updated: 2025-10-31 12:30VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or more log files.
{
"affected": [],
"aliases": [
"CVE-2022-22939"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-04T23:15:00Z",
"severity": "MODERATE"
},
"details": "VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or more log files.",
"id": "GHSA-95v7-jv4x-23ww",
"modified": "2025-10-31T12:30:20Z",
"published": "2022-02-11T00:01:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22939"
},
{
"type": "WEB",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0003.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-96MV-8MP2-5CWQ
Vulnerability from github – Published: 2022-07-13 00:01 – Updated: 2022-07-17 00:00Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.
{
"affected": [],
"aliases": [
"CVE-2022-33688"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-12T14:15:00Z",
"severity": "LOW"
},
"details": "Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.",
"id": "GHSA-96mv-8mp2-5cwq",
"modified": "2022-07-17T00:00:45Z",
"published": "2022-07-13T00:01:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33688"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-96VC-522P-F5F2
Vulnerability from github – Published: 2025-04-08 18:34 – Updated: 2025-04-08 18:34Insertion of sensitive information into log file in Azure Local Cluster allows an authorized attacker to disclose information over an adjacent network.
{
"affected": [],
"aliases": [
"CVE-2025-25002"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-08T18:15:47Z",
"severity": "MODERATE"
},
"details": "Insertion of sensitive information into log file in Azure Local Cluster allows an authorized attacker to disclose information over an adjacent network.",
"id": "GHSA-96vc-522p-f5f2",
"modified": "2025-04-08T18:34:45Z",
"published": "2025-04-08T18:34:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25002"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25002"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.