CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1744 vulnerabilities reference this CWE, most recent first.
GHSA-G5VF-92M7-VH6W
Vulnerability from github – Published: 2023-10-25 21:30 – Updated: 2025-04-11 15:32A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.7.1. An app with root privileges may be able to access private information.
{
"affected": [],
"aliases": [
"CVE-2023-40425"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-25T19:15:09Z",
"severity": "MODERATE"
},
"details": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.7.1. An app with root privileges may be able to access private information.",
"id": "GHSA-g5vf-92m7-vh6w",
"modified": "2025-04-11T15:32:14Z",
"published": "2023-10-25T21:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40425"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/109055"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/120950"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213983"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213983"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Oct/21"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-G5WJ-4965-6Q9M
Vulnerability from github – Published: 2026-04-05 21:30 – Updated: 2026-04-05 21:30FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can trigger the crash by entering a crafted path containing 384 'A' characters followed by 'BBBB' and 'CCCC' sequences in the search directory field and initiating a local search operation.
{
"affected": [],
"aliases": [
"CVE-2019-25683"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-05T21:16:46Z",
"severity": "MODERATE"
},
"details": "FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can trigger the crash by entering a crafted path containing 384 \u0027A\u0027 characters followed by \u0027BBBB\u0027 and \u0027CCCC\u0027 sequences in the search directory field and initiating a local search operation.",
"id": "GHSA-g5wj-4965-6q9m",
"modified": "2026-04-05T21:30:21Z",
"published": "2026-04-05T21:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25683"
},
{
"type": "WEB",
"url": "https://filezilla-project.org"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/46484"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/filezilla-denial-of-service-via-local-search"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-G644-PR5V-VPPF
Vulnerability from github – Published: 2022-01-06 20:41 – Updated: 2023-09-12 15:04In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which included sensitive property values. When a flow was triggered, the flow definition configuration JSON was printed, potentially containing sensitive values in plaintext.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.11.4"
},
"package": {
"ecosystem": "Maven",
"name": "org.apache.nifi:nifi-stateless"
},
"ranges": [
{
"events": [
{
"introduced": "1.10.0"
},
{
"fixed": "1.12.0-RC1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-9486"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2021-03-29T16:28:50Z",
"nvd_published_at": "2020-10-01T20:15:00Z",
"severity": "HIGH"
},
"details": "In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which included sensitive property values. When a flow was triggered, the flow definition configuration JSON was printed, potentially containing sensitive values in plaintext.",
"id": "GHSA-g644-pr5v-vppf",
"modified": "2023-09-12T15:04:25Z",
"published": "2022-01-06T20:41:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9486"
},
{
"type": "WEB",
"url": "https://github.com/apache/nifi/commit/148537d64a017b73160b0d49943183c18f883ab0"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/nifi"
},
{
"type": "WEB",
"url": "https://nifi.apache.org/security#CVE-2020-9486"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Insertion of Sensitive Information into Log File in Apache NiFi Stateless"
}
GHSA-G64R-V5C7-QVH2
Vulnerability from github – Published: 2022-07-16 00:00 – Updated: 2022-07-23 00:00ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information.
{
"affected": [],
"aliases": [
"CVE-2022-23141"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-15T15:15:00Z",
"severity": "HIGH"
},
"details": "ZXMP M721 has an information leak vulnerability. Since the serial port authentication on the ZBOOT interface is not effective although it is enabled, an attacker could use this vulnerability to log in to the device to obtain sensitive information.",
"id": "GHSA-g64r-v5c7-qvh2",
"modified": "2022-07-23T00:00:22Z",
"published": "2022-07-16T00:00:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23141"
},
{
"type": "WEB",
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1025264"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-G67R-5CM4-FJF5
Vulnerability from github – Published: 2024-07-07 00:37 – Updated: 2024-07-09 18:30An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. (The log_deleted attribute is not applied to entries.)
{
"affected": [],
"aliases": [
"CVE-2024-40598"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-07T00:15:10Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. (The log_deleted attribute is not applied to entries.)",
"id": "GHSA-g67r-5cm4-fjf5",
"modified": "2024-07-09T18:30:43Z",
"published": "2024-07-07T00:37:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40598"
},
{
"type": "WEB",
"url": "https://phabricator.wikimedia.org/T326867"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-G6HG-4JXH-87CR
Vulnerability from github – Published: 2022-05-24 19:05 – Updated: 2022-05-24 19:05Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.
{
"affected": [],
"aliases": [
"CVE-2021-25420"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-11T15:15:00Z",
"severity": "MODERATE"
},
"details": "Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.",
"id": "GHSA-g6hg-4jxh-87cr",
"modified": "2022-05-24T19:05:06Z",
"published": "2022-05-24T19:05:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25420"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=6"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-G6QX-WQ5W-WR8V
Vulnerability from github – Published: 2025-12-17 21:30 – Updated: 2025-12-19 18:56Mattermost Desktop App versions < 6.0.0 fail to sanitize sensitive information from Mattermost logs and clear data on server deletion which allows an attacker with access to the users system to gain access to potentially sensitive information via reading the application logs.
A fix is available for direct download via the Mattermost Desktop repository, but it has not been uploaded to the npm registry at time of publication.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "mattermost-desktop"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.6.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-13321"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-19T18:56:35Z",
"nvd_published_at": "2025-12-17T19:16:00Z",
"severity": "LOW"
},
"details": "Mattermost Desktop App versions \u003c 6.0.0 fail to sanitize sensitive information from Mattermost logs and clear data on server deletion which allows an attacker with access to the users system to gain access to potentially sensitive information via reading the application logs.\n\nA fix is available for direct download via the [Mattermost Desktop](https://github.com/mattermost/desktop/releases/tag/v6.0.0) repository, but it has not been uploaded to the npm registry at time of publication.",
"id": "GHSA-g6qx-wq5w-wr8v",
"modified": "2025-12-19T18:56:35Z",
"published": "2025-12-17T21:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13321"
},
{
"type": "WEB",
"url": "https://github.com/mattermost/desktop/commit/722938bb6a97e8b8a5678e6858e44c4d505c08ee"
},
{
"type": "PACKAGE",
"url": "https://github.com/mattermost/mattermost"
},
{
"type": "WEB",
"url": "https://mattermost.com/security-updates"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Mattermost Desktop App exposes sensitive information in its application logs"
}
GHSA-G6V5-6VG4-7GXP
Vulnerability from github – Published: 2026-03-11 21:31 – Updated: 2026-03-11 21:31A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log file.
{
"affected": [],
"aliases": [
"CVE-2026-0520"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-11T21:16:13Z",
"severity": "LOW"
},
"details": "A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log file.",
"id": "GHSA-g6v5-6vg4-7gxp",
"modified": "2026-03-11T21:31:03Z",
"published": "2026-03-11T21:31:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0520"
},
{
"type": "WEB",
"url": "https://www.filez.com/securityPolicy"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-G732-PFFP-45RC
Vulnerability from github – Published: 2023-08-02 00:30 – Updated: 2024-02-14 00:35The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave. This could allow a remote authenticated attacker to access sensitive information.
{
"affected": [],
"aliases": [
"CVE-2023-31426"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-01T22:15:13Z",
"severity": "MODERATE"
},
"details": "\n\n\nThe Brocade Fabric OS Commands \u201cconfigupload\u201d and \u201cconfigdownload\u201d before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave. This could allow a remote authenticated attacker to access sensitive information.\n\n\n\n\n\n",
"id": "GHSA-g732-pffp-45rc",
"modified": "2024-02-14T00:35:40Z",
"published": "2023-08-02T00:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31426"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20230908-0007"
},
{
"type": "WEB",
"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22407"
},
{
"type": "WEB",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22377"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-G75J-C66M-V892
Vulnerability from github – Published: 2024-09-10 12:30 – Updated: 2024-09-10 12:30A vulnerability has been identified in SINUMERIK 828D V4 (All versions < V4.95 SP3), SINUMERIK 840D sl V4 (All versions < V4.95 SP3 in connection with using Create MyConfig (CMC) <= V4.8 SP1 HF6), SINUMERIK ONE (All versions < V6.23 in connection with using Create MyConfig (CMC) <= V6.6), SINUMERIK ONE (All versions < V6.15 SP4 in connection with using Create MyConfig (CMC) <= V6.6). Affected systems, that have been provisioned with Create MyConfig (CMC), contain a Insertion of Sensitive Information into Log File vulnerability. This could allow a local authenticated user with low privileges to read sensitive information and thus circumvent access restrictions.
{
"affected": [],
"aliases": [
"CVE-2024-43781"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-10T10:15:12Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in SINUMERIK 828D V4 (All versions \u003c V4.95 SP3), SINUMERIK 840D sl V4 (All versions \u003c V4.95 SP3 in connection with using Create MyConfig (CMC) \u003c= V4.8 SP1 HF6), SINUMERIK ONE (All versions \u003c V6.23 in connection with using Create MyConfig (CMC) \u003c= V6.6), SINUMERIK ONE (All versions \u003c V6.15 SP4 in connection with using Create MyConfig (CMC) \u003c= V6.6). Affected systems, that have been provisioned with Create MyConfig (CMC), contain a Insertion of Sensitive Information into Log File vulnerability. This could allow a local authenticated user with low privileges to read sensitive information and thus circumvent access restrictions.",
"id": "GHSA-g75j-c66m-v892",
"modified": "2024-09-10T12:30:38Z",
"published": "2024-09-10T12:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43781"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-097786.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.