Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1744 vulnerabilities reference this CWE, most recent first.

GHSA-GP98-HFVM-2R4X

Vulnerability from github – Published: 2025-05-14 12:31 – Updated: 2025-07-11 23:15
VLAI
Summary
Apache IoTDB JDBC Driver Discloses Sensitive Information via Log Files
Details

Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in Apache IoTDB JDBC driver.

This issue affects iotdb-jdbc: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2.

Users are recommended to upgrade to version 2.0.2 and 1.3.4, which fix the issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.iotdb:iotdb-jdbc"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.10.0"
            },
            {
              "fixed": "1.3.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.iotdb:iotdb-jdbc"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.1-beta"
            },
            {
              "fixed": "2.0.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-26795"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-05-15T17:18:33Z",
    "nvd_published_at": "2025-05-14T11:16:26Z",
    "severity": "MODERATE"
  },
  "details": "Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in Apache IoTDB JDBC driver.\n\nThis issue affects iotdb-jdbc: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2.\n\nUsers are recommended to upgrade to version 2.0.2 and 1.3.4, which fix the issue.",
  "id": "GHSA-gp98-hfvm-2r4x",
  "modified": "2025-07-11T23:15:38Z",
  "published": "2025-05-14T12:31:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26795"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/iotdb/pull/14857"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/iotdb/pull/14863"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/iotdb/commit/34fcaff6b72470d5ad369307dde7fae8897aea7e"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/iotdb/commit/8e61e3072ab9ee9a1bbf6c3230014111965462bf"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/iotdb"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/bj0ytxr5wg0c4jw8xm7rhfd8ogho0r91"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/05/14/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Apache IoTDB JDBC Driver Discloses Sensitive Information via Log Files"
}

GHSA-GPPM-HQ3P-H4RP

Vulnerability from github – Published: 2024-11-08 19:03 – Updated: 2026-06-26 19:29
VLAI
Summary
Git credentials are exposed in Atlantis logs
Details

Summary

Short summary of the problem. Make the impact and severity as clear as possible. For example: An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server.

Atlantis logs contains GitHub credentials (tokens ghs_...) when they are rotated. This enables an attacker able to read these logs to impersonate Atlantis application and to perform actions on GitHub.

When Atlantis is used to administer a GitHub organization, this enables getting administration privileges on the organization.

This was reported in https://github.com/runatlantis/atlantis/issues/4060 and fixed in https://github.com/runatlantis/atlantis/pull/4667 . The fix was included in Atlantis v0.30.0.

Details

Give all details on the vulnerability. Pointing to the incriminated source code is very helpful for the maintainer.

While auditing the Kubernetes/Argo CD/Atlantis deployment of some company, the following set-up was encountered:

  • Most employees have read-only access to Argo CD, enabling them to see the health of deployed applications.
  • Atlantis was deployed as an Argo CD application.
  • Atlantis was used to manage the configuration of a GitHub organization (such as team members), using Terraform's GitHub integration.

Atlantis logs on Argo CD contained lines such as:

{"level":"debug","ts":"2024-11-07T17:58:30.636Z","caller":"vcs/gh_app_creds_rotator.go:58","msg":"Refreshing git tokens for Github App","json":{}}
{"level":"debug","ts":"2024-11-07T17:58:30.637Z","caller":"vcs/gh_app_creds_rotator.go:64","msg":"token ghs_[REDACTED]","json":{}}
{"level":"debug","ts":"2024-11-07T17:58:30.637Z","caller":"vcs/git_cred_writer.go:36","msg":"git credentials file has expected contents, not modifying","json":{}}

This enabled employees with read-only access to Argo CD to get administration privileges on the GitHub organization, compromising all repositories. As some repositories were used for Infrastructure-as-Code deployment (with Atlantis), this enabled the security auditors to get cluster admin privileges on most Kubernetes clusters.

While the set-up "most employees have read-only access to Argo CD" can be seen as dangerous, this should not incur such security risk (cf. https://argo-cd.readthedocs.io/en/stable/operator-manual/security/). The main issue here was that the logs contained privileged GitHub tokens as they were obtained by Atlantis.

This issue was already reported (https://github.com/runatlantis/atlantis/issues/4060) and fixed (https://github.com/runatlantis/atlantis/pull/4667) but no security advisory was published on https://github.com/runatlantis/atlantis/security and no CVE was assigned (https://app.opencve.io/cve/?&vendor=runatlantis&product=atlantis only lists CVE-2022-24912, which is unrelated).

Could you please publish a security advisory?

PoC

Complete instructions, including specific configuration details, to reproduce the vulnerability.

cf. https://github.com/runatlantis/atlantis/issues/4060 for more details.

Impact

What kind of vulnerability is it? Who is impacted?

  • This leaks sensitive GitHub tokens in the log files (CWE-532: Insertion of Sensitive Information into Log File).
  • This could enable anyone with log read access to compromiseGitHub organizations managed by Atlantis.
  • This impact at least users using Atlantis with Github application and integration.
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/runatlantis/atlantis"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.30.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-52009"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-11-08T19:03:35Z",
    "nvd_published_at": "2024-11-08T23:15:05Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n_Short summary of the problem. Make the impact and severity as clear as possible. For example: An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server._\n\nAtlantis logs contains GitHub credentials (tokens `ghs_...`) when they are rotated. This enables an attacker able to read these logs to impersonate Atlantis application and to perform actions on GitHub.\n\nWhen Atlantis is used to administer a GitHub organization, this enables getting administration privileges on the organization.\n\nThis was reported in https://github.com/runatlantis/atlantis/issues/4060 and fixed in https://github.com/runatlantis/atlantis/pull/4667 . The fix was included in [Atlantis v0.30.0](https://github.com/runatlantis/atlantis/releases/tag/v0.30.0).\n\n### Details\n_Give all details on the vulnerability. Pointing to the incriminated source code is very helpful for the maintainer._\n\nWhile auditing the Kubernetes/Argo CD/Atlantis deployment of some company, the following set-up was encountered:\n\n- Most employees have read-only access to Argo CD, enabling them to see the health of deployed applications.\n- Atlantis was deployed as an Argo CD application.\n- Atlantis was used to manage the configuration of a GitHub organization (such as team members), using [Terraform\u0027s GitHub integration](https://registry.terraform.io/providers/integrations/github/latest).\n\nAtlantis logs on Argo CD contained lines such as:\n\n```json\n{\"level\":\"debug\",\"ts\":\"2024-11-07T17:58:30.636Z\",\"caller\":\"vcs/gh_app_creds_rotator.go:58\",\"msg\":\"Refreshing git tokens for Github App\",\"json\":{}}\n{\"level\":\"debug\",\"ts\":\"2024-11-07T17:58:30.637Z\",\"caller\":\"vcs/gh_app_creds_rotator.go:64\",\"msg\":\"token ghs_[REDACTED]\",\"json\":{}}\n{\"level\":\"debug\",\"ts\":\"2024-11-07T17:58:30.637Z\",\"caller\":\"vcs/git_cred_writer.go:36\",\"msg\":\"git credentials file has expected contents, not modifying\",\"json\":{}}\n```\n\nThis enabled employees with read-only access to Argo CD to get administration privileges on the GitHub organization, compromising all repositories. As some repositories were used for Infrastructure-as-Code deployment (with Atlantis), this enabled the security auditors to get cluster admin privileges on most Kubernetes clusters.\n\nWhile the set-up \"most employees have read-only access to Argo CD\" can be seen as dangerous, this should not incur such security risk (cf. https://argo-cd.readthedocs.io/en/stable/operator-manual/security/). The main issue here was that the logs contained privileged GitHub tokens as they were obtained by Atlantis.\n\nThis issue was already reported  (https://github.com/runatlantis/atlantis/issues/4060) and fixed (https://github.com/runatlantis/atlantis/pull/4667) but no security advisory was published on https://github.com/runatlantis/atlantis/security and no CVE was assigned (https://app.opencve.io/cve/?\u0026vendor=runatlantis\u0026product=atlantis only lists [CVE-2022-24912](https://nvd.nist.gov/vuln/detail/CVE-2022-24912), which is unrelated).\n\nCould you please publish a security advisory?\n\n### PoC\n_Complete instructions, including specific configuration details, to reproduce the vulnerability._\n\ncf. https://github.com/runatlantis/atlantis/issues/4060 for more details.\n\n### Impact\n_What kind of vulnerability is it? Who is impacted?_\n\n- This leaks sensitive GitHub tokens in the log files (CWE-532: Insertion of Sensitive Information into Log File).\n- This could enable anyone with log read access to compromiseGitHub organizations managed by Atlantis.\n- This impact at least users using Atlantis with Github application and integration.",
  "id": "GHSA-gppm-hq3p-h4rp",
  "modified": "2026-06-26T19:29:46Z",
  "published": "2024-11-08T19:03:35Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/runatlantis/atlantis/security/advisories/GHSA-gppm-hq3p-h4rp"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52009"
    },
    {
      "type": "WEB",
      "url": "https://github.com/runatlantis/atlantis/issues/4060"
    },
    {
      "type": "WEB",
      "url": "https://github.com/runatlantis/atlantis/pull/4667"
    },
    {
      "type": "WEB",
      "url": "https://github.com/runatlantis/atlantis/commit/0def7d3fb74aabb75570554692b053950cde02e1"
    },
    {
      "type": "WEB",
      "url": "https://argo-cd.readthedocs.io/en/stable/operator-manual/security"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/runatlantis/atlantis"
    },
    {
      "type": "WEB",
      "url": "https://github.com/runatlantis/atlantis/releases/tag/v0.30.0"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2024-3265"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Git credentials are exposed in Atlantis logs"
}

GHSA-GQFM-5HJ3-5HPJ

Vulnerability from github – Published: 2022-05-24 17:00 – Updated: 2022-05-24 17:00
VLAI
Details

The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ?trace? and the 'debug' logging level; which could allow a local authenticated attacker to access sensitive information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-16206"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-11-08T18:15:00Z",
    "severity": "LOW"
  },
  "details": "The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ?trace? and the \u0027debug\u0027 logging level; which could allow a local authenticated attacker to access sensitive information.",
  "id": "GHSA-gqfm-5hj3-5hpj",
  "modified": "2022-05-24T17:00:41Z",
  "published": "2022-05-24T17:00:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16206"
    },
    {
      "type": "WEB",
      "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-865"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-GQQW-GQ22-WW82

Vulnerability from github – Published: 2024-01-23 03:31 – Updated: 2025-11-04 21:31
VLAI
Details

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. An app may be able to access sensitive user data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-42937"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-23T01:15:10Z",
    "severity": "MODERATE"
  },
  "details": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. An app may be able to access sensitive user data.",
  "id": "GHSA-gqqw-gq22-ww82",
  "modified": "2025-11-04T21:31:04Z",
  "published": "2024-01-23T03:31:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42937"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT214035"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT214036"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT214041"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT214057"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT214058"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT214063"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT214035"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT214036"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT214041"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT214058"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT214063"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Jan/34"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Jan/37"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Jan/38"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GR2Q-RXQG-MRRQ

Vulnerability from github – Published: 2024-07-11 18:31 – Updated: 2025-01-07 21:30
VLAI
Details

An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to access sensitive information.

When another user performs a specific operation, sensitive information is stored as plain text in a specific log file, so that a high-privileged attacker has access to this information. This issue affects:

Junos OS:

  • All versions before 22.1R2-S2,
  • 22.1R3 and later versions,
  • 22.2 versions before 22.2R2-S1, 22.2R3,
  • 22.3 versions before 22.3R1-S2, 22.3R2;

Junos OS Evolved:

  • All versions before before 22.1R3-EVO,
  • 22.2-EVO versions before 22.2R2-S1-EVO, 22.2R3-EVO,
  • 22.3-EVO versions before 22.3R1-S1-EVO, 22.3R2-EVO.
Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-39532"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-11T17:15:10Z",
    "severity": "MODERATE"
  },
  "details": "An\u00a0Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to access sensitive information.\n\nWhen another user performs a specific operation, sensitive information is stored as plain text in a specific log file, so that a high-privileged attacker has access to this information.\nThis issue affects:\n\nJunos OS:\n\n\n\n  *  All versions before 22.1R2-S2,\n  *  22.1R3 and later versions,\n  *  22.2 versions before 22.2R2-S1, 22.2R3,\n  *  22.3 versions before 22.3R1-S2, 22.3R2;\n\n\n\n\nJunos OS Evolved:\n\n\n\n  *  All versions before before 22.1R3-EVO,\n  *  22.2-EVO versions before 22.2R2-S1-EVO, 22.2R3-EVO,\n  *  22.3-EVO versions before 22.3R1-S1-EVO, 22.3R2-EVO.",
  "id": "GHSA-gr2q-rxqg-mrrq",
  "modified": "2025-01-07T21:30:54Z",
  "published": "2024-07-11T18:31:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39532"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.juniper.net/JSA82992"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-GR4W-63R3-8H38

Vulnerability from github – Published: 2026-06-26 15:32 – Updated: 2026-06-26 15:32
VLAI
Details

Mattermost Plugins versions <=11.6 10.18.11 11.3.6 11.6.5.0 fail to sanitize error responses from the OpenAI API before logging, which allows a user with access to server logs or support packets to obtain a valid or partially reconstructable OpenAI API key via inspection of mattermost.log entries generated during authentication failures. Mattermost Advisory ID: MMSA-2026-00609

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-9699"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-26T15:16:56Z",
    "severity": "MODERATE"
  },
  "details": "Mattermost Plugins versions \u003c=11.6 10.18.11 11.3.6 11.6.5.0 fail to sanitize error responses from the OpenAI API before logging, which allows a user with access to server logs or support packets to obtain a valid or partially reconstructable OpenAI API key via inspection of mattermost.log entries generated during authentication failures. Mattermost Advisory ID: MMSA-2026-00609",
  "id": "GHSA-gr4w-63r3-8h38",
  "modified": "2026-06-26T15:32:18Z",
  "published": "2026-06-26T15:32:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9699"
    },
    {
      "type": "WEB",
      "url": "https://mattermost.com/security-updates"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GRRJ-5C92-774H

Vulnerability from github – Published: 2022-05-13 01:32 – Updated: 2022-05-13 01:32
VLAI
Details

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-3776"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-08-12T22:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker\u0027s actions not being logged in the audit log.",
  "id": "GHSA-grrj-5c92-774h",
  "modified": "2022-05-13T01:32:20Z",
  "published": "2022-05-13T01:32:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3776"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/232347"
    },
    {
      "type": "WEB",
      "url": "https://nextcloud.com/security/advisory/?id=NC-SA-2018-006"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GRWG-CQ67-4RWV

Vulnerability from github – Published: 2022-03-11 00:02 – Updated: 2022-03-19 00:01
VLAI
Details

Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-25827"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-10T17:47:00Z",
    "severity": "LOW"
  },
  "details": "Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log",
  "id": "GHSA-grwg-cq67-4rwv",
  "modified": "2022-03-19T00:01:33Z",
  "published": "2022-03-11T00:02:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25827"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GV6G-P8PG-JX2H

Vulnerability from github – Published: 2024-04-10 18:30 – Updated: 2025-04-08 18:34
VLAI
Details

Insertion of Sensitive Information into Log File vulnerability in Frédéric GILLES FG Drupal to WordPress.This issue affects FG Drupal to WordPress: from n/a through 3.70.3.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-31247"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-10T16:15:12Z",
    "severity": "MODERATE"
  },
  "details": "Insertion of Sensitive Information into Log File vulnerability in Fr\u00e9d\u00e9ric GILLES FG Drupal to WordPress.This issue affects FG Drupal to WordPress: from n/a through 3.70.3.",
  "id": "GHSA-gv6g-p8pg-jx2h",
  "modified": "2025-04-08T18:34:11Z",
  "published": "2024-04-10T18:30:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31247"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/vulnerability/fg-drupal-to-wp/wordpress-fg-drupal-to-wordpress-plugin-3-70-3-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GV84-HWH2-8QH7

Vulnerability from github – Published: 2023-02-01 15:30 – Updated: 2023-02-08 18:30
VLAI
Details

Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-22572"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-01T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover.",
  "id": "GHSA-gv84-hwh2-8qh7",
  "modified": "2023-02-08T18:30:23Z",
  "published": "2023-02-01T15:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22572"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000207863/dell-powerscale-onefs-security-updates-for-multiple-security"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.