Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1739 vulnerabilities reference this CWE, most recent first.

GHSA-99QF-MR8W-29QW

Vulnerability from github – Published: 2022-03-11 00:02 – Updated: 2022-03-19 00:01
VLAI
Details

Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows attacker to access password information of connected WiFiAp in the log

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-25828"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-10T17:47:00Z",
    "severity": "LOW"
  },
  "details": "Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows attacker to access password information of connected WiFiAp in the log",
  "id": "GHSA-99qf-mr8w-29qw",
  "modified": "2022-03-19T00:01:32Z",
  "published": "2022-03-11T00:02:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25828"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9C2P-JFMW-FGW7

Vulnerability from github – Published: 2022-08-19 00:00 – Updated: 2022-08-24 00:00
VLAI
Details

** DISPUTED ** An issue was discovered in Qualys Cloud Agent 4.8.0-49. It writes "ps auxwwe" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may, for example, unexpectedly write credentials (from environment variables) to disk in cleartext. NOTE: there are no common circumstances in which qualys-cloud-agent-scan.log can be read by a user other than root; however, the file contents could be exposed through site-specific operational practices. The vendor does NOT characterize this as a vulnerability because the ps data collection is intentional, and would only capture credentials on a machine that was already affected by the CWE-214 weakness.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-29550"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-18T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "** DISPUTED ** An issue was discovered in Qualys Cloud Agent 4.8.0-49. It writes \"ps auxwwe\" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may, for example, unexpectedly write credentials (from environment variables) to disk in cleartext. NOTE: there are no common circumstances in which qualys-cloud-agent-scan.log can be read by a user other than root; however, the file contents could be exposed through site-specific operational practices. The vendor does NOT characterize this as a vulnerability because the ps data collection is intentional, and would only capture credentials on a machine that was already affected by the CWE-214 weakness.",
  "id": "GHSA-9c2p-jfmw-fgw7",
  "modified": "2022-08-24T00:00:31Z",
  "published": "2022-08-19T00:00:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29550"
    },
    {
      "type": "WEB",
      "url": "https://blog.qualys.com/product-tech/2022/08/15/qualys-security-updates-cloud-agent-for-linux"
    },
    {
      "type": "WEB",
      "url": "https://blog.qualys.com/vulnerabilities-threat-research"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/168367/Qualys-Cloud-Agent-Arbitrary-Code-Execution.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/Sep/10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9C9H-VR4P-FJQ2

Vulnerability from github – Published: 2022-05-24 16:44 – Updated: 2024-04-04 00:03
VLAI
Details

All versions of unity-scope-gdrive logs search terms to syslog.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-1343"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-04-22T16:29:00Z",
    "severity": "MODERATE"
  },
  "details": "All versions of unity-scope-gdrive logs search terms to syslog.",
  "id": "GHSA-9c9h-vr4p-fjq2",
  "modified": "2024-04-04T00:03:15Z",
  "published": "2022-05-24T16:44:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1343"
    },
    {
      "type": "WEB",
      "url": "https://bugs.launchpad.net/ubuntu/+source/unity-scope-gdrive/+bug/1509076"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9CCM-QCM5-WRX4

Vulnerability from github – Published: 2022-05-17 00:22 – Updated: 2022-05-17 00:22
VLAI
Details

Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to the Mahara access log in plain text.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-1000171"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-11-03T18:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to the Mahara access log in plain text.",
  "id": "GHSA-9ccm-qcm5-wrx4",
  "modified": "2022-05-17T00:22:01Z",
  "published": "2022-05-17T00:22:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000171"
    },
    {
      "type": "WEB",
      "url": "https://github.com/MaharaProject/mahara-mobile/issues/33"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9CXC-M8XM-7C7X

Vulnerability from github – Published: 2024-09-12 15:33 – Updated: 2024-10-02 15:30
VLAI
Details

Possible Insertion of Sensitive Information into Log File Vulnerability

in Identity Manager has been discovered in OpenText™ Identity Manager REST Driver. This impact version before 1.1.2.0200.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-26322"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-12T13:15:10Z",
    "severity": "MODERATE"
  },
  "details": "Possible Insertion of Sensitive Information into Log File Vulnerability\n\nin Identity Manager has been discovered in\nOpenText\u2122 \nIdentity Manager REST Driver. This impact version before 1.1.2.0200.",
  "id": "GHSA-9cxc-m8xm-7c7x",
  "modified": "2024-10-02T15:30:36Z",
  "published": "2024-09-12T15:33:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26322"
    },
    {
      "type": "WEB",
      "url": "https://www.netiq.com/documentation/identity-manager-48-drivers/RESTDriver1.1.2.0300_readme/data/RESTDriver1.1.2.0300_readme.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9F54-6R7J-3HPH

Vulnerability from github – Published: 2022-04-30 18:18 – Updated: 2022-04-30 18:18
VLAI
Details

The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2001-1556"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2001-12-31T05:00:00Z",
    "severity": "MODERATE"
  },
  "details": "The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.",
  "id": "GHSA-9f54-6r7j-3hph",
  "modified": "2022-04-30T18:18:18Z",
  "published": "2022-04-30T18:18:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2001-1556"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0231.html"
    },
    {
      "type": "WEB",
      "url": "http://httpd.apache.org/docs/logs.html"
    },
    {
      "type": "WEB",
      "url": "http://www.iss.net/security_center/static/7363.php"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-9F7J-84Q4-6VJ2

Vulnerability from github – Published: 2023-07-06 19:24 – Updated: 2025-03-11 18:31
VLAI
Details

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, iOS 15.7.3 and iPadOS 15.7.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. An app may be able to access information about a user’s contacts.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-23505"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-27T20:15:00Z",
    "severity": "LOW"
  },
  "details": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, iOS 15.7.3 and iPadOS 15.7.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. An app may be able to access information about a user\u2019s contacts.",
  "id": "GHSA-9f7j-84q4-6vj2",
  "modified": "2025-03-11T18:31:57Z",
  "published": "2023-07-06T19:24:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23505"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213598"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213599"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213603"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213604"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213605"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213606"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9FC5-Q5GF-F5CP

Vulnerability from github – Published: 2023-07-12 15:30 – Updated: 2024-04-04 06:04
VLAI
Details

In JetBrains TeamCity before 2023.05.1 build parameters of the "password" type could be written to the agent log

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-38067"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-12T13:15:09Z",
    "severity": "MODERATE"
  },
  "details": "In JetBrains TeamCity before 2023.05.1 build parameters of the \"password\" type could be written to the agent log",
  "id": "GHSA-9fc5-q5gf-f5cp",
  "modified": "2024-04-04T06:04:14Z",
  "published": "2023-07-12T15:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38067"
    },
    {
      "type": "WEB",
      "url": "https://www.jetbrains.com/privacy-security/issues-fixed"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9FGP-XGX7-GPX6

Vulnerability from github – Published: 2022-08-26 00:03 – Updated: 2022-09-01 00:00
VLAI
Details

A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-23715"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-25T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user and PATCH /deployments/{deployment_id}/elasticsearch/{ref_id}/keystore",
  "id": "GHSA-9fgp-xgx7-gpx6",
  "modified": "2022-09-01T00:00:21Z",
  "published": "2022-08-26T00:03:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23715"
    },
    {
      "type": "WEB",
      "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-4-0-security-update/312825"
    },
    {
      "type": "WEB",
      "url": "https://www.elastic.co/community/security"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9FW7-MCQ9-GHF3

Vulnerability from github – Published: 2022-05-13 01:33 – Updated: 2022-05-13 01:33
VLAI
Details

ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log files. When engine-backup was run with one of the options "--provision*db", the database username and password were logged in cleartext. Sharing the provisioning log might inadvertently leak database passwords.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-1072"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-06-26T18:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log files. When engine-backup was run with one of the options \"--provision*db\", the database username and password were logged in cleartext. Sharing the provisioning log might inadvertently leak database passwords.",
  "id": "GHSA-9fw7-mcq9-ghf3",
  "modified": "2022-05-13T01:33:34Z",
  "published": "2022-05-13T01:33:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1072"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2071"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1072"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.