Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1739 vulnerabilities reference this CWE, most recent first.

GHSA-96X2-V84R-8WQ5

Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2024-04-04 02:26
VLAI
Details

In the Dark Horse Comics application 1.3.21 for Android, token information (equivalent to the username and password) is stored in the log during authentication, and may be available to attackers via logcat.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-17398"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-15T21:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "In the Dark Horse Comics application 1.3.21 for Android, token information (equivalent to the username and password) is stored in the log during authentication, and may be available to attackers via logcat.",
  "id": "GHSA-96x2-v84r-8wq5",
  "modified": "2024-04-04T02:26:33Z",
  "published": "2022-05-24T16:58:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17398"
    },
    {
      "type": "WEB",
      "url": "https://pastebin.com/5ZDDCqgL"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9747-347M-WJJQ

Vulnerability from github – Published: 2025-01-14 18:32 – Updated: 2025-01-14 18:32
VLAI
Details

Windows Kernel Memory Information Disclosure Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-21318"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-14T18:15:55Z",
    "severity": "MODERATE"
  },
  "details": "Windows Kernel Memory Information Disclosure Vulnerability",
  "id": "GHSA-9747-347m-wjjq",
  "modified": "2025-01-14T18:32:04Z",
  "published": "2025-01-14T18:32:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21318"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21318"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-97QM-2H4W-QGHQ

Vulnerability from github – Published: 2024-12-12 03:33 – Updated: 2025-11-04 00:32
VLAI
Details

The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-54484"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-12T02:15:29Z",
    "severity": "MODERATE"
  },
  "details": "The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data.",
  "id": "GHSA-97qm-2h4w-qghq",
  "modified": "2025-11-04T00:32:13Z",
  "published": "2024-12-12T03:33:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54484"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/121839"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Dec/7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-97R5-3MCV-523R

Vulnerability from github – Published: 2022-05-17 03:01 – Updated: 2025-04-20 03:32
VLAI
Details

MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-8977"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-01-31T22:59:00Z",
    "severity": "HIGH"
  },
  "details": "MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files.",
  "id": "GHSA-97r5-3mcv-523r",
  "modified": "2025-04-20T03:32:04Z",
  "published": "2022-05-17T03:01:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8977"
    },
    {
      "type": "WEB",
      "url": "https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/11/10/8"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/11/18/1"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94397"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-982X-V642-CGCX

Vulnerability from github – Published: 2022-11-08 12:00 – Updated: 2022-11-09 12:00
VLAI
Details

Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-44745"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-07T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.",
  "id": "GHSA-982x-v642-cgcx",
  "modified": "2022-11-09T12:00:25Z",
  "published": "2022-11-08T12:00:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-44745"
    },
    {
      "type": "WEB",
      "url": "https://security-advisory.acronis.com/advisories/SEC-3481"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-98H5-V6FV-978X

Vulnerability from github – Published: 2026-05-11 21:31 – Updated: 2026-05-13 18:30
VLAI
Details

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to determine kernel memory layout.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-28943"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-11T21:18:55Z",
    "severity": "HIGH"
  },
  "details": "A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to determine kernel memory layout.",
  "id": "GHSA-98h5-v6fv-978x",
  "modified": "2026-05-13T18:30:40Z",
  "published": "2026-05-11T21:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28943"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/127110"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/127111"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/127115"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/127116"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/127117"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/127118"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/127119"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9954-329G-42VC

Vulnerability from github – Published: 2024-01-08 21:30 – Updated: 2026-04-28 21:33
VLAI
Details

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StudioWombat WP Optin Wheel – Gamified Optin Email Marketing Tool for WordPress and WooCommerce.This issue affects WP Optin Wheel – Gamified Optin Email Marketing Tool for WordPress and WooCommerce: from n/a through 1.4.3.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-51408"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-08T21:15:09Z",
    "severity": "MODERATE"
  },
  "details": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StudioWombat WP Optin Wheel \u2013 Gamified Optin Email Marketing Tool for WordPress and WooCommerce.This issue affects WP Optin Wheel \u2013 Gamified Optin Email Marketing Tool for WordPress and WooCommerce: from n/a through 1.4.3.",
  "id": "GHSA-9954-329g-42vc",
  "modified": "2026-04-28T21:33:46Z",
  "published": "2024-01-08T21:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51408"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/vulnerability/wp-optin-wheel/wordpress-wp-optin-wheel-plugin-1-4-3-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-999P-3HF6-2QGP

Vulnerability from github – Published: 2022-05-13 01:32 – Updated: 2022-05-13 01:32
VLAI
Details

A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-3609"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-16T22:29:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations.",
  "id": "GHSA-999p-3hf6-2qgp",
  "modified": "2022-05-13T01:32:21Z",
  "published": "2022-05-13T01:32:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3609"
    },
    {
      "type": "WEB",
      "url": "https://korelogic.com/Resources/Advisories/KL-001-2018-006.txt"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/jp/solution/1119290"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/solution/1119277"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/103097"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-99GF-FRHC-HG67

Vulnerability from github – Published: 2024-07-10 18:32 – Updated: 2026-04-23 15:32
VLAI
Details

Insertion of Sensitive Information into Log File vulnerability in TrustedLogin TrustedLogin Vendor.This issue affects TrustedLogin Vendor: from n/a before 1.1.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-37270"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-201",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-10T18:15:04Z",
    "severity": "MODERATE"
  },
  "details": "Insertion of Sensitive Information into Log File vulnerability in TrustedLogin TrustedLogin Vendor.This issue affects TrustedLogin Vendor: from n/a before 1.1.1.",
  "id": "GHSA-99gf-frhc-hg67",
  "modified": "2026-04-23T15:32:24Z",
  "published": "2024-07-10T18:32:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37270"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/vendor/vulnerability/wordpress-trustedlogin-vendor-plugin-1-1-1-sensitive-data-exposure-vulnerability?_s_id=cve"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/vulnerability/vendor/wordpress-trustedlogin-vendor-plugin-1-1-1-sensitive-data-exposure-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-99PC-69Q9-JXF2

Vulnerability from github – Published: 2023-10-26 18:30 – Updated: 2025-02-13 19:19
VLAI
Summary
Elasticsearch allows insertion of sensitive information into log files when using deprecated URIs
Details

Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information such as passwords and tokens might be printed in cleartext in Elasticsearch audit logs. Note that audit logging is disabled by default and needs to be explicitly enabled and even when audit logging is enabled, request bodies that could contain sensitive information are not printed to the audit log unless explicitly configured.

The _xpack/security APIs have been deprecated in Elasticsearch 7.x and were entirely removed in 8.0.0 and later. The only way for a client to use them in Elasticsearch 8.0.0 and later is to provide the Accept: application/json; compatible-with=7 header. Elasticsearch official clients do not use these deprecated APIs.

The list of affected, deprecated APIs, is the following:

POST /_xpack/security/user/{username} PUT /_xpack/security/user/{username} PUT /_xpack/security/user/{username}/_password POST /_xpack/security/user/{username}/_password PUT /_xpack/security/user/_password POST /_xpack/security/user/_password POST /_xpack/security/oauth2/token DELETE /_xpack/security/oauth2/token POST /_xpack/security/saml/authenticate

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.elasticsearch:elasticsearch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.17.13"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.elasticsearch:elasticsearch"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.0.0"
            },
            {
              "fixed": "8.9.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-31417"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-10-30T15:14:03Z",
    "nvd_published_at": "2023-10-26T18:15:08Z",
    "severity": "MODERATE"
  },
  "details": "Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information such as passwords and tokens might be printed in cleartext in Elasticsearch audit logs. Note that audit logging is disabled by default and needs to be explicitly enabled and even when audit logging is enabled, request bodies that could contain sensitive information are not printed to the audit log unless explicitly configured.\n\nThe `_xpack/security` APIs have been deprecated in Elasticsearch 7.x and were entirely removed in 8.0.0 and later. The only way for a client to use them in Elasticsearch 8.0.0 and later is to provide the `Accept: application/json; compatible-with=7` header. Elasticsearch official clients do not use these deprecated APIs.\n\nThe list of affected, deprecated APIs, is the following:\n\n`POST /_xpack/security/user/{username}`\n`PUT /_xpack/security/user/{username}`\n`PUT /_xpack/security/user/{username}/_password`\n`POST /_xpack/security/user/{username}/_password`\n`PUT /_xpack/security/user/_password`\n`POST /_xpack/security/user/_password`\n`POST /_xpack/security/oauth2/token`\n`DELETE /_xpack/security/oauth2/token`\n`POST /_xpack/security/saml/authenticate`",
  "id": "GHSA-99pc-69q9-jxf2",
  "modified": "2025-02-13T19:19:40Z",
  "published": "2023-10-26T18:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31417"
    },
    {
      "type": "WEB",
      "url": "https://discuss.elastic.co/t/elasticsearch-8-9-2-and-7-17-13-security-update/342479"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20231130-0006"
    },
    {
      "type": "WEB",
      "url": "https://www.elastic.co/community/security"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Elasticsearch allows insertion of sensitive information into log files when using deprecated URIs"
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.