Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1744 vulnerabilities reference this CWE, most recent first.

CVE-2023-20891 (GCVE-0-2023-20891)

Vulnerability from cvelistv5 – Published: 2023-07-26 05:41 – Updated: 2024-10-21 13:07
VLAI
Title
VMware Tanzu Application Service for VMs and Isolation Segment information disclosure vulnerability
Summary
The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. A malicious non-admin user who has access to the platform system audit logs can access hex encoded CF API admin credentials and can push new malicious versions of an application. In a default deployment non-admin users do not have access to the platform system audit logs.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
VMware VMware Tanzu Application Service for VMs Affected: 4.0.x , < 4.0.5 (4.0.5)
Affected: 3.0.x , < 3.0.14 (3.0.14)
Affected: 2.13.x , < 2.13.24 (2.13.24)
Affected: 2.11.x , < 2.11.42 (2.11.42)
Create a notification for this product.
VMware Isolation segment Affected: 4.0.x , < 4.0.4 (4.0.4)
Affected: 3.0.x , < 3.0.13 (3.0.13)
Affected: 2.13.x , < 2.13.20 (2.13.20)
Affected: 2.11.x , < 2.11.35 (2.11.35)
Create a notification for this product.
Date Public
2023-07-25 14:35
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:21:33.417Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.vmware.com/security/advisories/VMSA-2023-0016.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20891",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-21T13:03:22.532049Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-21T13:07:34.980Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows",
            "Linux",
            "MacOS",
            "Android",
            "iOS",
            "ARM",
            "x86",
            "64 bit",
            "32 bit"
          ],
          "product": "VMware Tanzu Application Service for VMs",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "4.0.5",
              "status": "affected",
              "version": "4.0.x",
              "versionType": "4.0.5"
            },
            {
              "lessThan": "3.0.14",
              "status": "affected",
              "version": "3.0.x",
              "versionType": "3.0.14"
            },
            {
              "lessThan": "2.13.24",
              "status": "affected",
              "version": "2.13.x",
              "versionType": "2.13.24"
            },
            {
              "lessThan": "2.11.42",
              "status": "affected",
              "version": "2.11.x",
              "versionType": "2.11.42"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows",
            "Linux",
            "Android",
            "ARM",
            "x86",
            "64 bit",
            "iOS",
            "MacOS",
            "32 bit"
          ],
          "product": "Isolation segment",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "4.0.4",
              "status": "affected",
              "version": "4.0.x",
              "versionType": "4.0.4"
            },
            {
              "lessThan": "3.0.13",
              "status": "affected",
              "version": "3.0.x",
              "versionType": "3.0.13"
            },
            {
              "lessThan": "2.13.20",
              "status": "affected",
              "version": "2.13.x",
              "versionType": "2.13.20"
            },
            {
              "lessThan": "2.11.35",
              "status": "affected",
              "version": "2.11.x",
              "versionType": "2.11.35"
            }
          ]
        }
      ],
      "datePublic": "2023-07-25T14:35:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs.\u0026nbsp;A malicious non-admin user who has access to the platform system audit logs can access hex encoded CF API admin credentials and can push new malicious versions of an application. \u003cb\u003eIn a default deployment non-admin users do not have access to the platform system audit logs\u003c/b\u003e."
            }
          ],
          "value": "The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs.\u00a0A malicious non-admin user who has access to the platform system audit logs can access hex encoded CF API admin credentials and can push new malicious versions of an application. In a default deployment non-admin users do not have access to the platform system audit logs."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532: Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-26T05:41:23.643Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://www.vmware.com/security/advisories/VMSA-2023-0016.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "VMware Tanzu Application Service for VMs and Isolation Segment information disclosure vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2023-20891",
    "datePublished": "2023-07-26T05:41:23.643Z",
    "dateReserved": "2022-11-01T15:41:50.394Z",
    "dateUpdated": "2024-10-21T13:07:34.980Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20207 (GCVE-0-2023-20207)

Vulnerability from cvelistv5 – Published: 2023-07-12 13:51 – Updated: 2024-08-02 09:05
VLAI
Summary
A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability exists because certain unencrypted credentials are stored. An attacker could exploit this vulnerability by accessing the logs on an affected system and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to view sensitive information in clear text.
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
Cisco Cisco Duo Authentication Proxy Affected: 2.10.0
Affected: 2.10.1
Affected: 2.11.0
Affected: 2.12.0
Affected: 2.12.1
Affected: 2.13.0
Affected: 2.14.0
Affected: 2.4.10
Affected: 2.4.11
Affected: 2.4.12
Affected: 2.4.13
Affected: 2.4.14
Affected: 2.4.14.1
Affected: 2.4.15
Affected: 2.4.16
Affected: 2.4.17
Affected: 2.4.18
Affected: 2.4.19
Affected: 2.4.2
Affected: 2.4.20
Affected: 2.4.21
Affected: 2.4.3
Affected: 2.4.4
Affected: 2.4.5
Affected: 2.4.6
Affected: 2.4.7
Affected: 2.4.8
Affected: 2.4.9
Affected: 2.5.4
Affected: 2.6.0
Affected: 2.7.0
Affected: 2.8.1
Affected: 2.9.0
Affected: 3.0.0
Affected: 3.1.0
Affected: 3.1.1
Affected: 3.2.0
Affected: 3.2.1
Affected: 3.2.2
Affected: 3.2.3
Affected: 3.2.4
Affected: 4.0.0
Affected: 4.0.1
Affected: 4.0.2
Affected: 5.0.0
Affected: 5.0.1
Affected: 5.0.2
Affected: 5.1.0
Affected: 5.1.1
Affected: 5.2.0
Affected: 5.2.1
Affected: 5.2.2
Affected: 5.3.0
Affected: 5.3.1
Affected: 5.4.0
Affected: 5.4.1
Affected: 5.5.0
Affected: 5.5.1
Affected: 5.6.0
Affected: 5.6.1
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:36.181Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-duo-auth-info-JgkSWBLz",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-auth-info-JgkSWBLz"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Duo Authentication Proxy",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "2.10.0"
            },
            {
              "status": "affected",
              "version": "2.10.1"
            },
            {
              "status": "affected",
              "version": "2.11.0"
            },
            {
              "status": "affected",
              "version": "2.12.0"
            },
            {
              "status": "affected",
              "version": "2.12.1"
            },
            {
              "status": "affected",
              "version": "2.13.0"
            },
            {
              "status": "affected",
              "version": "2.14.0"
            },
            {
              "status": "affected",
              "version": "2.4.10"
            },
            {
              "status": "affected",
              "version": "2.4.11"
            },
            {
              "status": "affected",
              "version": "2.4.12"
            },
            {
              "status": "affected",
              "version": "2.4.13"
            },
            {
              "status": "affected",
              "version": "2.4.14"
            },
            {
              "status": "affected",
              "version": "2.4.14.1"
            },
            {
              "status": "affected",
              "version": "2.4.15"
            },
            {
              "status": "affected",
              "version": "2.4.16"
            },
            {
              "status": "affected",
              "version": "2.4.17"
            },
            {
              "status": "affected",
              "version": "2.4.18"
            },
            {
              "status": "affected",
              "version": "2.4.19"
            },
            {
              "status": "affected",
              "version": "2.4.2"
            },
            {
              "status": "affected",
              "version": "2.4.20"
            },
            {
              "status": "affected",
              "version": "2.4.21"
            },
            {
              "status": "affected",
              "version": "2.4.3"
            },
            {
              "status": "affected",
              "version": "2.4.4"
            },
            {
              "status": "affected",
              "version": "2.4.5"
            },
            {
              "status": "affected",
              "version": "2.4.6"
            },
            {
              "status": "affected",
              "version": "2.4.7"
            },
            {
              "status": "affected",
              "version": "2.4.8"
            },
            {
              "status": "affected",
              "version": "2.4.9"
            },
            {
              "status": "affected",
              "version": "2.5.4"
            },
            {
              "status": "affected",
              "version": "2.6.0"
            },
            {
              "status": "affected",
              "version": "2.7.0"
            },
            {
              "status": "affected",
              "version": "2.8.1"
            },
            {
              "status": "affected",
              "version": "2.9.0"
            },
            {
              "status": "affected",
              "version": "3.0.0"
            },
            {
              "status": "affected",
              "version": "3.1.0"
            },
            {
              "status": "affected",
              "version": "3.1.1"
            },
            {
              "status": "affected",
              "version": "3.2.0"
            },
            {
              "status": "affected",
              "version": "3.2.1"
            },
            {
              "status": "affected",
              "version": "3.2.2"
            },
            {
              "status": "affected",
              "version": "3.2.3"
            },
            {
              "status": "affected",
              "version": "3.2.4"
            },
            {
              "status": "affected",
              "version": "4.0.0"
            },
            {
              "status": "affected",
              "version": "4.0.1"
            },
            {
              "status": "affected",
              "version": "4.0.2"
            },
            {
              "status": "affected",
              "version": "5.0.0"
            },
            {
              "status": "affected",
              "version": "5.0.1"
            },
            {
              "status": "affected",
              "version": "5.0.2"
            },
            {
              "status": "affected",
              "version": "5.1.0"
            },
            {
              "status": "affected",
              "version": "5.1.1"
            },
            {
              "status": "affected",
              "version": "5.2.0"
            },
            {
              "status": "affected",
              "version": "5.2.1"
            },
            {
              "status": "affected",
              "version": "5.2.2"
            },
            {
              "status": "affected",
              "version": "5.3.0"
            },
            {
              "status": "affected",
              "version": "5.3.1"
            },
            {
              "status": "affected",
              "version": "5.4.0"
            },
            {
              "status": "affected",
              "version": "5.4.1"
            },
            {
              "status": "affected",
              "version": "5.5.0"
            },
            {
              "status": "affected",
              "version": "5.5.1"
            },
            {
              "status": "affected",
              "version": "5.6.0"
            },
            {
              "status": "affected",
              "version": "5.6.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the logging component of Cisco Duo Authentication Proxy could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system.\r\n\r This vulnerability exists because certain unencrypted credentials are stored. An attacker could exploit this vulnerability by accessing the logs on an affected system and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to view sensitive information in clear text."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:59.633Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-duo-auth-info-JgkSWBLz",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-auth-info-JgkSWBLz"
        }
      ],
      "source": {
        "advisory": "cisco-sa-duo-auth-info-JgkSWBLz",
        "defects": [
          "CSCwf65004"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20207",
    "datePublished": "2023-07-12T13:51:48.952Z",
    "dateReserved": "2022-10-27T18:47:50.367Z",
    "dateUpdated": "2024-08-02T09:05:36.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-6833 (GCVE-0-2023-6833)

Vulnerability from cvelistv5 – Published: 2024-04-23 05:35 – Updated: 2024-08-02 08:42
VLAI
Title
Information Exposure Vulnerability in Hitachi Ops Center Administrator
Summary
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator allows local users to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 11.0.1.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
Vendor Product Version
Hitachi Hitachi Ops Center Administrator Affected: 0 , < 11.0.1 (custom)
Create a notification for this product.
hitachi ops_center_administrator Affected: - , < 11.0.1 (custom)
    cpe:2.3:a:hitachi:ops_center_administrator:-:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:hitachi:ops_center_administrator:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ops_center_administrator",
            "vendor": "hitachi",
            "versions": [
              {
                "lessThan": "11.0.1",
                "status": "affected",
                "version": "-",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-6833",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-23T20:37:24.413071Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:16:56.663Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:07.916Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-121/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Hitachi Ops Center Administrator",
          "vendor": "Hitachi",
          "versions": [
            {
              "changes": [
                {
                  "at": "11.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator allows local users to gain sensitive information.\u003cp\u003eThis issue affects Hitachi Ops Center Administrator: before 11.0.1.\u003c/p\u003e"
            }
          ],
          "value": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator allows local users to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 11.0.1.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-114",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-114 Authentication Abuse"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-23T05:35:48.828Z",
        "orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
        "shortName": "Hitachi"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-121/index.html"
        }
      ],
      "source": {
        "advisory": "hitachi-sec-2024-121",
        "discovery": "UNKNOWN"
      },
      "title": "Information Exposure Vulnerability in Hitachi Ops Center Administrator",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
    "assignerShortName": "Hitachi",
    "cveId": "CVE-2023-6833",
    "datePublished": "2024-04-23T05:35:48.828Z",
    "dateReserved": "2023-12-15T01:42:35.987Z",
    "dateUpdated": "2024-08-02T08:42:07.916Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-6814 (GCVE-0-2023-6814)

Vulnerability from cvelistv5 – Published: 2024-03-12 03:39 – Updated: 2024-08-02 08:42
VLAI
Title
Information Exposure Vulnerability in Cosminexus Component Container
Summary
Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information.This issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 before 11-20-07, from 11-10 before 11-10-10, from 11-00 before 11-00-12, All versions of V8 and V9.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
Vendor Product Version
Hitachi Cosminexus Component Container Affected: 11-30 , < 11-30-05 (custom)
Affected: 11-20 , < 11-20-07 (custom)
Affected: 11-10 , < 11-10-10 (custom)
Affected: 11-00 , < 11-00-12 (custom)
Affected: 08-00 , ≤ 09-* (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-6814",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-12T13:30:31.864165Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-28T01:57:04.242Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:07.404Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-118/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cosminexus Component Container",
          "vendor": "Hitachi",
          "versions": [
            {
              "changes": [
                {
                  "at": "11-30-05",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11-30-05",
              "status": "affected",
              "version": "11-30",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11-20-07",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11-20-07",
              "status": "affected",
              "version": "11-20",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11-10-10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11-10-10",
              "status": "affected",
              "version": "11-10",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11-00-12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11-00-12",
              "status": "affected",
              "version": "11-00",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "09-*",
              "status": "affected",
              "version": "08-00",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information.\u003cp\u003eThis issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 before 11-20-07, from 11-10 before 11-10-10, from 11-00 before 11-00-12, All versions of V8 and V9.\u003c/p\u003e"
            }
          ],
          "value": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information.This issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 before 11-20-07, from 11-10 before 11-10-10, from 11-00 before 11-00-12, All versions of V8 and V9.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-114",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-114 Authentication Abuse"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-16T03:10:06.839Z",
        "orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
        "shortName": "Hitachi"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-118/index.html"
        }
      ],
      "source": {
        "advisory": "hitachi-sec-2024-118",
        "discovery": "UNKNOWN"
      },
      "title": "Information Exposure Vulnerability in Cosminexus Component Container",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
    "assignerShortName": "Hitachi",
    "cveId": "CVE-2023-6814",
    "datePublished": "2024-03-12T03:39:22.392Z",
    "dateReserved": "2023-12-14T02:26:36.719Z",
    "dateUpdated": "2024-08-02T08:42:07.404Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-6802 (GCVE-0-2023-6802)

Vulnerability from cvelistv5 – Published: 2023-12-21 20:45 – Updated: 2024-09-13 14:55
VLAI
Title
Sensitive Information in Log File in GitHub Enterprise Server
Summary
An insertion of sensitive information into the log file in the audit log in GitHub Enterprise Server was identified that could allow an attacker to gain access to the management console. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. 
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
GitHub Enterprise Server Affected: 3.8.0 , ≤ 3.8.11 (semver)
Affected: 3.9.0 , ≤ 3.9.6 (semver)
Affected: 3.10.0 , ≤ 3.10.3 (semver)
Affected: 3.11 , ≤ 3.11.0 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:07.457Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-6802",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-27T16:11:11.467171Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-13T14:55:25.219Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Enterprise Server",
          "vendor": "GitHub",
          "versions": [
            {
              "changes": [
                {
                  "at": "3.8.12",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "3.8.11",
              "status": "affected",
              "version": "3.8.0",
              "versionType": "semver"
            },
            {
              "changes": [
                {
                  "at": "3.9.7",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "3.9.6",
              "status": "affected",
              "version": "3.9.0",
              "versionType": "semver"
            },
            {
              "changes": [
                {
                  "at": "3.10.4",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "3.10.3",
              "status": "affected",
              "version": "3.10.0",
              "versionType": "semver"
            },
            {
              "changes": [
                {
                  "at": "3.11.1",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "3.11.0",
              "status": "affected",
              "version": "3.11",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An insertion of sensitive information into the log file in the audit log in GitHub Enterprise Server was identified\u0026nbsp;that could allow an attacker to gain access to the management console. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs.\u0026nbsp;This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\u0026nbsp;"
            }
          ],
          "value": "An insertion of sensitive information into the log file in the audit log in GitHub Enterprise Server was identified\u00a0that could allow an attacker to gain access to the management console. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs.\u00a0This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\u00a0"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-21",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-21 Exploitation of Trusted Credentials"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-21T20:45:24.749Z",
        "orgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
        "shortName": "GitHub_P"
      },
      "references": [
        {
          "url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12"
        },
        {
          "url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7"
        },
        {
          "url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4"
        },
        {
          "url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Sensitive Information in Log File in GitHub Enterprise Server ",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
    "assignerShortName": "GitHub_P",
    "cveId": "CVE-2023-6802",
    "datePublished": "2023-12-21T20:45:24.749Z",
    "dateReserved": "2023-12-13T19:25:56.875Z",
    "dateUpdated": "2024-09-13T14:55:25.219Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-6746 (GCVE-0-2023-6746)

Vulnerability from cvelistv5 – Published: 2023-12-21 20:45 – Updated: 2025-04-23 16:22
VLAI
Title
Sensitive Information in Log File in GitHub Enterprise Server
Summary
An insertion of sensitive information into log file vulnerability was identified in the log files for a GitHub Enterprise Server back-end service that could permit an `adversary in the middle attack` when combined with other phishing techniques. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. 
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
GitHub Enterprise Server Affected: 3.7.0 , ≤ 3.7.18 (semver)
Affected: 3.8.0 , ≤ 3.8.11 (semver)
Affected: 3.9.0 , ≤ 3.9.6 (semver)
Affected: 3.10.0 , ≤ 3.10.3 (semver)
Affected: 3.11 , ≤ 3.11.0 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:07.218Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-6746",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-03T19:23:28.577760Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T16:22:17.760Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Enterprise Server",
          "vendor": "GitHub",
          "versions": [
            {
              "changes": [
                {
                  "at": "3.7.19",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "3.7.18",
              "status": "affected",
              "version": "3.7.0",
              "versionType": "semver"
            },
            {
              "changes": [
                {
                  "at": "3.8.12",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "3.8.11",
              "status": "affected",
              "version": "3.8.0",
              "versionType": "semver"
            },
            {
              "changes": [
                {
                  "at": "3.9.7",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "3.9.6",
              "status": "affected",
              "version": "3.9.0",
              "versionType": "semver"
            },
            {
              "changes": [
                {
                  "at": "3.10.4",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "3.10.3",
              "status": "affected",
              "version": "3.10.0",
              "versionType": "semver"
            },
            {
              "changes": [
                {
                  "at": "3.11.1",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "3.11.0",
              "status": "affected",
              "version": "3.11",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An insertion of sensitive information into log file vulnerability was identified in the log files for a GitHub Enterprise Server back-end service that could permit an `adversary in the middle attack` when combined with other phishing techniques. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs.\u0026nbsp;This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\u0026nbsp;"
            }
          ],
          "value": "An insertion of sensitive information into log file vulnerability was identified in the log files for a GitHub Enterprise Server back-end service that could permit an `adversary in the middle attack` when combined with other phishing techniques. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs.\u00a0This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\u00a0"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-21",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-21 Exploitation of Trusted Credentials"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-10T15:55:16.814Z",
        "orgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
        "shortName": "GitHub_P"
      },
      "references": [
        {
          "url": "https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19"
        },
        {
          "url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12"
        },
        {
          "url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7"
        },
        {
          "url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4"
        },
        {
          "url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Sensitive Information in Log File in GitHub Enterprise Server ",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
    "assignerShortName": "GitHub_P",
    "cveId": "CVE-2023-6746",
    "datePublished": "2023-12-21T20:45:23.261Z",
    "dateReserved": "2023-12-12T17:17:59.803Z",
    "dateUpdated": "2025-04-23T16:22:17.760Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-6687 (GCVE-0-2023-6687)

Vulnerability from cvelistv5 – Published: 2023-12-12 18:28 – Updated: 2024-08-02 08:35
VLAI
Title
Elastic Agent Insertion of Sensitive Information into Log File
Summary
An issue was discovered by Elastic whereby Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP status code except 409 or 429. Depending on the nature of the event that Elastic Agent attempted to ingest, this could lead to the insertion of sensitive or private information in the Elastic Agent logs. Elastic has released 8.11.3 and 7.17.16 that prevents this issue by limiting these types of logs to DEBUG level logging, which is disabled by default.
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
Elastic Elastic Agent Affected: 7.0.0, 8.0.0 , < 7.17.16, 8.11.3 (semver)
Create a notification for this product.
Date Public
2023-12-12 17:10
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:35:14.993Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://discuss.elastic.co/t/beats-and-elastic-agent-8-11-3-7-17-16-security-update-esa-2023-30/349180"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Elastic Agent",
          "vendor": "Elastic",
          "versions": [
            {
              "lessThan": "7.17.16, 8.11.3",
              "status": "affected",
              "version": "7.0.0, 8.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2023-12-12T17:10:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An issue was discovered by Elastic whereby Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP status code except 409 or 429. Depending on the nature of the event that Elastic Agent attempted to ingest, this could lead to the insertion of sensitive or private information in the Elastic Agent logs. Elastic has released 8.11.3 and 7.17.16 that prevents this issue by limiting these types of logs to DEBUG level logging, which is disabled by default."
            }
          ],
          "value": "An issue was discovered by Elastic whereby Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP status code except 409 or 429. Depending on the nature of the event that Elastic Agent attempted to ingest, this could lead to the insertion of sensitive or private information in the Elastic Agent logs. Elastic has released 8.11.3 and 7.17.16 that prevents this issue by limiting these types of logs to DEBUG level logging, which is disabled by default."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-21",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-21 Exploitation of Trusted Credentials"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-12T18:28:06.423Z",
        "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "shortName": "elastic"
      },
      "references": [
        {
          "url": "https://discuss.elastic.co/t/beats-and-elastic-agent-8-11-3-7-17-16-security-update-esa-2023-30/349180"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Elastic Agent Insertion of Sensitive Information into Log File",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
    "assignerShortName": "elastic",
    "cveId": "CVE-2023-6687",
    "datePublished": "2023-12-12T18:28:06.423Z",
    "dateReserved": "2023-12-11T16:20:50.242Z",
    "dateUpdated": "2024-08-02T08:35:14.993Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-5499 (GCVE-0-2023-5499)

Vulnerability from cvelistv5 – Published: 2023-10-10 13:21 – Updated: 2024-08-02 07:59
VLAI
Title
Shenzhen Reachfar v28 information exposure
Summary
Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could allow a remote attacker to retrieve all the week's logs stored in the 'log2' directory. An attacker could retrieve sensitive information such as remembered wifi networks, sent messages, SOS device locations and device configurations.
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Date Public
2023-10-10 10:00
Credits
Joel Serna Moreno
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:59:44.903Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/shenzhen-reachfar-v28-information-exposure"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Shenzhen Reachfar v28",
          "vendor": "SHENZHEN REACHFAR TECHNOLOGY COMPANY LIMITED",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Joel Serna Moreno"
        }
      ],
      "datePublic": "2023-10-10T10:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could allow a remote attacker to retrieve all the week\u0027s logs stored in the \u0027log2\u0027 directory. An attacker could retrieve sensitive information such as remembered wifi networks, sent messages, SOS device locations and device configurations."
            }
          ],
          "value": "Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could allow a remote attacker to retrieve all the week\u0027s logs stored in the \u0027log2\u0027 directory. An attacker could retrieve sensitive information such as remembered wifi networks, sent messages, SOS device locations and device configurations."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-19T14:38:41.121Z",
        "orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
        "shortName": "INCIBE"
      },
      "references": [
        {
          "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/shenzhen-reachfar-v28-information-exposure"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The reported vulnerability has been solved in the latest version of the affected product."
            }
          ],
          "value": "The reported vulnerability has been solved in the latest version of the affected product."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Shenzhen Reachfar v28 information exposure",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
    "assignerShortName": "INCIBE",
    "cveId": "CVE-2023-5499",
    "datePublished": "2023-10-10T13:21:59.698Z",
    "dateReserved": "2023-10-10T09:26:26.184Z",
    "dateUpdated": "2024-08-02T07:59:44.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-5182 (GCVE-0-2023-5182)

Vulnerability from cvelistv5 – Published: 2023-10-06 23:28 – Updated: 2024-09-19 16:41
VLAI
Summary
Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in the adm group could use this information to find hashed passwords and possibly escalate their privilege.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Canonical Ltd. subiquity Affected: 0 , ≤ 23.09.1 (semver)
Create a notification for this product.
Date Public
2023-10-04 00:00
Credits
Patric Åhlin Johan Hortling
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:52:07.925Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5182"
          },
          {
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://github.com/canonical/subiquity/pull/1820/commits/62e126896fb063808767d74d00886001e38eaa1c"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5182",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-19T16:41:20.619067Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-19T16:41:29.487Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "packageName": "subiquity",
          "platforms": [
            "Linux"
          ],
          "product": "subiquity",
          "repo": "https://github.com/canonical/subiquity",
          "vendor": "Canonical Ltd.",
          "versions": [
            {
              "lessThanOrEqual": "23.09.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Patric \u00c5hlin"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Johan Hortling"
        }
      ],
      "datePublic": "2023-10-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in the adm group could use this information to find hashed passwords and possibly escalate their privilege."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-06T23:28:48.953Z",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5182"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/canonical/subiquity/pull/1820/commits/62e126896fb063808767d74d00886001e38eaa1c"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2023-5182",
    "datePublished": "2023-10-06T23:28:48.953Z",
    "dateReserved": "2023-09-25T18:11:51.008Z",
    "dateUpdated": "2024-09-19T16:41:29.487Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-4688 (GCVE-0-2023-4688)

Vulnerability from cvelistv5 – Published: 2023-08-31 20:26 – Updated: 2024-09-26 20:35
VLAI
Summary
Sensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35433.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Acronis Acronis Agent Affected: unspecified , < 35433 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:37:59.325Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SEC-5782",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security-advisory.acronis.com/advisories/SEC-5782"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-4688",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-26T20:17:12.895413Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-26T20:35:33.496Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux",
            "macOS",
            "Windows"
          ],
          "product": "Acronis Agent",
          "vendor": "Acronis",
          "versions": [
            {
              "lessThan": "35433",
              "status": "affected",
              "version": "unspecified",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Sensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35433."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-31T20:26:56.338Z",
        "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "shortName": "Acronis"
      },
      "references": [
        {
          "name": "SEC-5782",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security-advisory.acronis.com/advisories/SEC-5782"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
    "assignerShortName": "Acronis",
    "cveId": "CVE-2023-4688",
    "datePublished": "2023-08-31T20:26:56.338Z",
    "dateReserved": "2023-08-31T20:23:36.131Z",
    "dateUpdated": "2024-09-26T20:35:33.496Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.