CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1744 vulnerabilities reference this CWE, most recent first.
CVE-2021-36278 (GCVE-0-2021-36278)
Vulnerability from cvelistv5 – Published: 2021-08-16 22:00 – Updated: 2024-09-17 03:03- CWE-532 - Information Exposure Through Log Files
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/000190408 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerScale OneFS |
Affected:
8.2.x, 9.1.0.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:54:51.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/000190408"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PowerScale OneFS",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "8.2.x, 9.1.0.x"
}
]
}
],
"datePublic": "2021-08-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. A local malicious user with ISI_PRIV_LOGIN_SSH, ISI_PRIV_LOGIN_CONSOLE, or ISI_PRIV_SYS_SUPPORT privileges may exploit this vulnerability to access sensitive information. If any third-party consumes those logs, the same sensitive information is available to those systems as well."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Information Exposure Through Log Files",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T15:55:09.000Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/kbdoc/000190408"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-08-10",
"ID": "CVE-2021-36278",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PowerScale OneFS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "8.2.x, 9.1.0.x"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell EMC PowerScale OneFS versions 8.2.x, 9.1.0.x, and 9.1.1.1 contain a sensitive information exposure vulnerability in log files. A local malicious user with ISI_PRIV_LOGIN_SSH, ISI_PRIV_LOGIN_CONSOLE, or ISI_PRIV_SYS_SUPPORT privileges may exploit this vulnerability to access sensitive information. If any third-party consumes those logs, the same sensitive information is available to those systems as well."
}
]
},
"impact": {
"cvss": {
"baseScore": 8.1,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532: Information Exposure Through Log Files"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/kbdoc/000190408",
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000190408"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2021-36278",
"datePublished": "2021-08-16T22:00:29.902Z",
"dateReserved": "2021-07-08T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:03:09.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-34800 (GCVE-0-2021-34800)
Vulnerability from cvelistv5 – Published: 2021-11-29 19:16 – Updated: 2024-09-16 19:30| URL | Tags |
|---|---|
| https://security-advisory.acronis.com/advisories/… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Acronis | Acronis Agent |
Affected:
unspecified , < 27147
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:26:53.968Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-advisory.acronis.com/advisories/SEC-3145"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": "Acronis Agent",
"vendor": "Acronis",
"versions": [
{
"lessThan": "27147",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"Linux"
],
"product": "Acronis Agent",
"vendor": "Acronis",
"versions": [
{
"lessThan": "27147",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"macOS"
],
"product": "Acronis Agent",
"vendor": "Acronis",
"versions": [
{
"lessThan": "27147",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sensitive information could be logged. The following products are affected: Acronis Agent (Windows, Linux, macOS) before build 27147"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-29T19:16:14.000Z",
"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
"shortName": "Acronis"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-advisory.acronis.com/advisories/SEC-3145"
}
],
"source": {
"advisory": "SEC-3145",
"defect": [
"SEC-3145"
],
"discovery": "INTERNAL"
},
"title": "Sensitive information could be logged",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@acronis.com",
"DATE_PUBLIC": "2021-11-25T00:00:00.000Z",
"ID": "CVE-2021-34800",
"STATE": "PUBLIC",
"TITLE": "Sensitive information could be logged"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acronis Agent",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "27147"
},
{
"platform": "Linux",
"version_affected": "\u003c",
"version_value": "27147"
},
{
"platform": "macOS",
"version_affected": "\u003c",
"version_value": "27147"
}
]
}
}
]
},
"vendor_name": "Acronis"
}
]
}
},
"credit": [],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sensitive information could be logged. The following products are affected: Acronis Agent (Windows, Linux, macOS) before build 27147"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-advisory.acronis.com/advisories/SEC-3145",
"refsource": "MISC",
"url": "https://security-advisory.acronis.com/advisories/SEC-3145"
}
]
},
"source": {
"advisory": "SEC-3145",
"defect": [
"SEC-3145"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
"assignerShortName": "Acronis",
"cveId": "CVE-2021-34800",
"datePublished": "2021-11-29T19:16:14.115Z",
"dateReserved": "2021-06-16T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:30:26.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-34797 (GCVE-0-2021-34797)
Vulnerability from cvelistv5 – Published: 2022-01-04 08:55 – Updated: 2024-08-04 00:26- CWE-532 - Insertion of Sensitive Information into Log File
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/p4l0g49rzzzpn8yt9… | x_refsource_MISC |
| https://lists.apache.org/thread/nq2w9gjzm1cjx1rh6… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Geode |
Affected:
Apache Geode , ≤ 1.12.4
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:26:54.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/p4l0g49rzzzpn8yt9q9p0xp52h3zmsmk"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/nq2w9gjzm1cjx1rh6zw41ty39qw7qpx4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Geode",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.12.4",
"status": "affected",
"version": "Apache Geode",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Apache Geode would like to thank Aaron Lindsey for reporting this issue."
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache Geode versions up to 1.12.4 and 1.13.4 are vulnerable to a log file redaction of sensitive information flaw when using values that begin with characters other than letters or numbers for passwords and security properties with the prefix \"sysprop-\", \"javax.net.ssl\", or \"security-\". This issue is fixed by overhauling the log file redaction in Apache Geode versions 1.12.5, 1.13.5, and 1.14.0."
}
],
"metrics": [
{
"other": {
"content": {
"other": "low"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-04T08:55:20.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/p4l0g49rzzzpn8yt9q9p0xp52h3zmsmk"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/nq2w9gjzm1cjx1rh6zw41ty39qw7qpx4"
}
],
"source": {
"defect": [
"GEODE-9354"
],
"discovery": "UNKNOWN"
},
"title": "Apache Geode project log file redaction of sensitive information vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-34797",
"STATE": "PUBLIC",
"TITLE": "Apache Geode project log file redaction of sensitive information vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Geode",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "Apache Geode",
"version_value": "1.12.4"
},
{
"version_affected": "\u003c=",
"version_name": "Apache Geode",
"version_value": "1.13.4 +1"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Apache Geode would like to thank Aaron Lindsey for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Geode versions up to 1.12.4 and 1.13.4 are vulnerable to a log file redaction of sensitive information flaw when using values that begin with characters other than letters or numbers for passwords and security properties with the prefix \"sysprop-\", \"javax.net.ssl\", or \"security-\". This issue is fixed by overhauling the log file redaction in Apache Geode versions 1.12.5, 1.13.5, and 1.14.0."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "low"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532 Insertion of Sensitive Information into Log File"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/p4l0g49rzzzpn8yt9q9p0xp52h3zmsmk",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/p4l0g49rzzzpn8yt9q9p0xp52h3zmsmk"
},
{
"name": "https://lists.apache.org/thread/nq2w9gjzm1cjx1rh6zw41ty39qw7qpx4",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/nq2w9gjzm1cjx1rh6zw41ty39qw7qpx4"
}
]
},
"source": {
"defect": [
"GEODE-9354"
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-34797",
"datePublished": "2022-01-04T08:55:20.000Z",
"dateReserved": "2021-06-15T00:00:00.000Z",
"dateUpdated": "2024-08-04T00:26:54.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32801 (GCVE-0-2021-32801)
Vulnerability from cvelistv5 – Published: 2021-09-07 21:40 – Updated: 2024-08-03 23:33- CWE-532 - Insertion of Sensitive Information into Log File
| URL | Tags |
|---|---|
| https://github.com/nextcloud/security-advisories/… | x_refsource_CONFIRM |
| https://github.com/nextcloud/server/pull/28082 | x_refsource_MISC |
| https://hackerone.com/reports/1251776 | x_refsource_MISC |
| https://security.gentoo.org/glsa/202208-17 | vendor-advisoryx_refsource_GENTOO |
| Vendor | Product | Version | |
|---|---|---|---|
| nextcloud | security-advisories |
Affected:
< 20.0.12
Affected: >= 21.0.0, < 21.0.4 Affected: >= 22.0.0, < 22.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:56.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mcpf-v65v-359h"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nextcloud/server/pull/28082"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1251776"
},
{
"name": "GLSA-202208-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "security-advisories",
"vendor": "nextcloud",
"versions": [
{
"status": "affected",
"version": "\u003c 20.0.12"
},
{
"status": "affected",
"version": "\u003e= 21.0.0, \u003c 21.0.4"
},
{
"status": "affected",
"version": "\u003e= 22.0.0, \u003c 22.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.1.0. If upgrading is not an option users are advised to disable system logging to resolve this issue until such time that an upgrade can be performed Note that ff you do not use the Encryption-at-Rest functionality of Nextcloud you are not affected by this bug."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-11T00:06:15.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mcpf-v65v-359h"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/server/pull/28082"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1251776"
},
{
"name": "GLSA-202208-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202208-17"
}
],
"source": {
"advisory": "GHSA-mcpf-v65v-359h",
"discovery": "UNKNOWN"
},
"title": "Exceptions may have logged Encryption-at-Rest key content in Nextcloud server",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32801",
"STATE": "PUBLIC",
"TITLE": "Exceptions may have logged Encryption-at-Rest key content in Nextcloud server"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "security-advisories",
"version": {
"version_data": [
{
"version_value": "\u003c 20.0.12"
},
{
"version_value": "\u003e= 21.0.0, \u003c 21.0.4"
},
{
"version_value": "\u003e= 22.0.0, \u003c 22.1.0"
}
]
}
}
]
},
"vendor_name": "nextcloud"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.1.0. If upgrading is not an option users are advised to disable system logging to resolve this issue until such time that an upgrade can be performed Note that ff you do not use the Encryption-at-Rest functionality of Nextcloud you are not affected by this bug."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532: Insertion of Sensitive Information into Log File"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mcpf-v65v-359h",
"refsource": "CONFIRM",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mcpf-v65v-359h"
},
{
"name": "https://github.com/nextcloud/server/pull/28082",
"refsource": "MISC",
"url": "https://github.com/nextcloud/server/pull/28082"
},
{
"name": "https://hackerone.com/reports/1251776",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1251776"
},
{
"name": "GLSA-202208-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-17"
}
]
},
"source": {
"advisory": "GHSA-mcpf-v65v-359h",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32801",
"datePublished": "2021-09-07T21:40:11.000Z",
"dateReserved": "2021-05-12T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:33:56.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32767 (GCVE-0-2021-32767)
Vulnerability from cvelistv5 – Published: 2021-07-20 16:00 – Updated: 2024-08-03 23:33- CWE-532 - Insertion of Sensitive Information into Log File
| URL | Tags |
|---|---|
| https://github.com/TYPO3/TYPO3.CMS/security/advis… | x_refsource_CONFIRM |
| https://typo3.org/security/advisory/typo3-core-sa… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:55.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2021-012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TYPO3.CMS",
"vendor": "TYPO3",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.5.28"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.4.18"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 versions 9.5.28, 10.4.18, 11.3.1 contain a patch for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-09T15:28:30.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://typo3.org/security/advisory/typo3-core-sa-2021-012"
}
],
"source": {
"advisory": "GHSA-34fr-fhqr-7235",
"discovery": "UNKNOWN"
},
"title": "Information Disclosure in User Authentication",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32767",
"STATE": "PUBLIC",
"TITLE": "Information Disclosure in User Authentication"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TYPO3.CMS",
"version": {
"version_data": [
{
"version_value": "\u003e= 9.0.0, \u003c 9.5.28"
},
{
"version_value": "\u003e= 10.0.0, \u003c 10.4.18"
},
{
"version_value": "\u003e= 11.0.0, \u003c 11.3.1"
}
]
}
}
]
},
"vendor_name": "TYPO3"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 versions 9.5.28, 10.4.18, 11.3.1 contain a patch for this vulnerability."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532: Insertion of Sensitive Information into Log File"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235",
"refsource": "CONFIRM",
"url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-34fr-fhqr-7235"
},
{
"name": "https://typo3.org/security/advisory/typo3-core-sa-2021-012",
"refsource": "MISC",
"url": "https://typo3.org/security/advisory/typo3-core-sa-2021-012"
}
]
},
"source": {
"advisory": "GHSA-34fr-fhqr-7235",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32767",
"datePublished": "2021-07-20T16:00:11.000Z",
"dateReserved": "2021-05-12T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:33:55.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32724 (GCVE-0-2021-32724)
Vulnerability from cvelistv5 – Published: 2021-09-09 21:00 – Updated: 2024-08-03 23:33- CWE-532 - Insertion of Sensitive Information into Log File
| URL | Tags |
|---|---|
| https://github.com/check-spelling/check-spelling/… | x_refsource_CONFIRM |
| https://github.com/check-spelling/check-spelling/… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| check-spelling | check-spelling |
Affected:
< 0.0.19
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:54.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/check-spelling/check-spelling/security/advisories/GHSA-g86g-chm8-7r2p"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/check-spelling/check-spelling/commit/436362fc6b588d9d561cbdb575260ca593c8dc56"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "check-spelling",
"vendor": "check-spelling",
"versions": [
{
"status": "affected",
"version": "\u003c 0.0.19"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "check-spelling is a github action which provides CI spell checking. In affected versions and for a repository with the [check-spelling action](https://github.com/marketplace/actions/check-spelling) enabled that triggers on `pull_request_target` (or `schedule`), an attacker can send a crafted Pull Request that causes a `GITHUB_TOKEN` to be exposed. With the `GITHUB_TOKEN`, it\u0027s possible to push commits to the repository bypassing standard approval processes. Commits to the repository could then steal any/all secrets available to the repository. As a workaround users may can either: [Disable the workflow](https://docs.github.com/en/actions/managing-workflow-runs/disabling-and-enabling-a-workflow) until you\u0027ve fixed all branches or Set repository to [Allow specific actions](https://docs.github.com/en/github/administering-a-repository/managing-repository-settings/disabling-or-limiting-github-actions-for-a-repository#allowing-specific-actions-to-run). check-spelling isn\u0027t a verified creator and it certainly won\u0027t be anytime soon. You could then explicitly add other actions that your repository uses. Set repository [Workflow permissions](https://docs.github.com/en/github/administering-a-repository/managing-repository-settings/disabling-or-limiting-github-actions-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository) to `Read repository contents permission`. Workflows using `check-spelling/check-spelling@main` will get the fix automatically. Workflows using a pinned sha or tagged version will need to change the affected workflows for all repository branches to the latest version. Users can verify who and which Pull Requests have been running the action by looking up the spelling.yml action in the Actions tab of their repositories, e.g., https://github.com/check-spelling/check-spelling/actions/workflows/spelling.yml - you can filter PRs by adding ?query=event%3Apull_request_target, e.g., https://github.com/check-spelling/check-spelling/actions/workflows/spelling.yml?query=event%3Apull_request_target."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-09T21:00:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/check-spelling/check-spelling/security/advisories/GHSA-g86g-chm8-7r2p"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/check-spelling/check-spelling/commit/436362fc6b588d9d561cbdb575260ca593c8dc56"
}
],
"source": {
"advisory": "GHSA-g86g-chm8-7r2p",
"discovery": "UNKNOWN"
},
"title": "check-spelling workflow vulnerable to GITHUB_TOKEN leakage via symlink attack",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32724",
"STATE": "PUBLIC",
"TITLE": "check-spelling workflow vulnerable to GITHUB_TOKEN leakage via symlink attack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "check-spelling",
"version": {
"version_data": [
{
"version_value": "\u003c 0.0.19"
}
]
}
}
]
},
"vendor_name": "check-spelling"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "check-spelling is a github action which provides CI spell checking. In affected versions and for a repository with the [check-spelling action](https://github.com/marketplace/actions/check-spelling) enabled that triggers on `pull_request_target` (or `schedule`), an attacker can send a crafted Pull Request that causes a `GITHUB_TOKEN` to be exposed. With the `GITHUB_TOKEN`, it\u0027s possible to push commits to the repository bypassing standard approval processes. Commits to the repository could then steal any/all secrets available to the repository. As a workaround users may can either: [Disable the workflow](https://docs.github.com/en/actions/managing-workflow-runs/disabling-and-enabling-a-workflow) until you\u0027ve fixed all branches or Set repository to [Allow specific actions](https://docs.github.com/en/github/administering-a-repository/managing-repository-settings/disabling-or-limiting-github-actions-for-a-repository#allowing-specific-actions-to-run). check-spelling isn\u0027t a verified creator and it certainly won\u0027t be anytime soon. You could then explicitly add other actions that your repository uses. Set repository [Workflow permissions](https://docs.github.com/en/github/administering-a-repository/managing-repository-settings/disabling-or-limiting-github-actions-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository) to `Read repository contents permission`. Workflows using `check-spelling/check-spelling@main` will get the fix automatically. Workflows using a pinned sha or tagged version will need to change the affected workflows for all repository branches to the latest version. Users can verify who and which Pull Requests have been running the action by looking up the spelling.yml action in the Actions tab of their repositories, e.g., https://github.com/check-spelling/check-spelling/actions/workflows/spelling.yml - you can filter PRs by adding ?query=event%3Apull_request_target, e.g., https://github.com/check-spelling/check-spelling/actions/workflows/spelling.yml?query=event%3Apull_request_target."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532: Insertion of Sensitive Information into Log File"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/check-spelling/check-spelling/security/advisories/GHSA-g86g-chm8-7r2p",
"refsource": "CONFIRM",
"url": "https://github.com/check-spelling/check-spelling/security/advisories/GHSA-g86g-chm8-7r2p"
},
{
"name": "https://github.com/check-spelling/check-spelling/commit/436362fc6b588d9d561cbdb575260ca593c8dc56",
"refsource": "MISC",
"url": "https://github.com/check-spelling/check-spelling/commit/436362fc6b588d9d561cbdb575260ca593c8dc56"
}
]
},
"source": {
"advisory": "GHSA-g86g-chm8-7r2p",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32724",
"datePublished": "2021-09-09T21:00:11.000Z",
"dateReserved": "2021-05-12T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:33:54.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27022 (GCVE-0-2021-27022)
Vulnerability from cvelistv5 – Published: 2021-09-07 13:03 – Updated: 2024-08-03 20:40- CWE-532 - [CWE-532: Insertion of Sensitive Information into Log File|https://cwe.mitre.org/data/definitions/532.html]
| URL | Tags |
|---|---|
| https://puppet.com/security/cve/cve-2021-27022/%5D | x_refsource_MISC |
| https://puppet.com/security/cve/cve-2021-27022/ | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Puppet Enterprise |
Affected:
2019.8.7
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:40:47.006Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://puppet.com/security/cve/cve-2021-27022/%5D"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://puppet.com/security/cve/cve-2021-27022/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Puppet Enterprise",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2019.8.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service nodes)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "[CWE-532: Insertion of Sensitive Information into Log File|https://cwe.mitre.org/data/definitions/532.html]",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-21T11:03:04.000Z",
"orgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
"shortName": "puppet"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://puppet.com/security/cve/cve-2021-27022/%5D"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://puppet.com/security/cve/cve-2021-27022/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@puppet.com",
"ID": "CVE-2021-27022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Puppet Enterprise",
"version": {
"version_data": [
{
"version_value": "2019.8.7"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes (inventory service nodes)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "[CWE-532: Insertion of Sensitive Information into Log File|https://cwe.mitre.org/data/definitions/532.html]"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://puppet.com/security/cve/cve-2021-27022/]",
"refsource": "MISC",
"url": "https://puppet.com/security/cve/cve-2021-27022/]"
},
{
"name": "https://puppet.com/security/cve/cve-2021-27022/",
"refsource": "MISC",
"url": "https://puppet.com/security/cve/cve-2021-27022/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ca2a266c-be2f-4d4b-92d0-47b76b1a9c4e",
"assignerShortName": "puppet",
"cveId": "CVE-2021-27022",
"datePublished": "2021-09-07T13:03:48.000Z",
"dateReserved": "2021-02-09T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:40:47.006Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26908 (GCVE-0-2021-26908)
Vulnerability from cvelistv5 – Published: 2021-04-23 15:35 – Updated: 2024-09-17 01:26- CWE-532 - Information Exposure Through Log Files
| URL | Tags |
|---|---|
| https://community.automox.com/t/cve-2021-26908-an… | x_refsource_CONFIRM |
| https://www.rapid7.com/blog/post/2021/04/13/cve-2… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Automox | Automox Agent |
Affected:
30 , < 30
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:33:41.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.automox.com/t/cve-2021-26908-and-cve-201-26909-automox-agent-information-disclosure-vulnerabilities-fixed/1955"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.rapid7.com/blog/post/2021/04/13/cve-2021-26908-and-cve-2021-26909-automox-agent-information-disclosure-fixed/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Automox Agent",
"vendor": "Automox",
"versions": [
{
"lessThan": "30",
"status": "affected",
"version": "30",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Danny Jordan of Rapid7, and disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy at https://www.rapid7.com/security/disclosure#zeroday"
}
],
"datePublic": "2021-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization\u0027s security program. The issue has since been fixed in version 31 of the Automox Agent."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Information Exposure Through Log Files",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-23T15:35:19.000Z",
"orgId": "9974b330-7714-4307-a722-5648477acda7",
"shortName": "rapid7"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.automox.com/t/cve-2021-26908-and-cve-201-26909-automox-agent-information-disclosure-vulnerabilities-fixed/1955"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rapid7.com/blog/post/2021/04/13/cve-2021-26908-and-cve-2021-26909-automox-agent-information-disclosure-fixed/"
}
],
"source": {
"discovery": "USER"
},
"title": "Automox Agent Sensitive Log Information Disclosure",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@rapid7.com",
"DATE_PUBLIC": "2021-04-13T16:00:00.000Z",
"ID": "CVE-2021-26908",
"STATE": "PUBLIC",
"TITLE": "Automox Agent Sensitive Log Information Disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Automox Agent",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "30",
"version_value": "30"
}
]
}
}
]
},
"vendor_name": "Automox"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "This issue was discovered by Danny Jordan of Rapid7, and disclosed in accordance with Rapid7\u0027s vulnerability disclosure policy at https://www.rapid7.com/security/disclosure#zeroday"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization\u0027s security program. The issue has since been fixed in version 31 of the Automox Agent."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532 Information Exposure Through Log Files"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.automox.com/t/cve-2021-26908-and-cve-201-26909-automox-agent-information-disclosure-vulnerabilities-fixed/1955",
"refsource": "CONFIRM",
"url": "https://community.automox.com/t/cve-2021-26908-and-cve-201-26909-automox-agent-information-disclosure-vulnerabilities-fixed/1955"
},
{
"name": "https://www.rapid7.com/blog/post/2021/04/13/cve-2021-26908-and-cve-2021-26909-automox-agent-information-disclosure-fixed/",
"refsource": "MISC",
"url": "https://www.rapid7.com/blog/post/2021/04/13/cve-2021-26908-and-cve-2021-26909-automox-agent-information-disclosure-fixed/"
}
]
},
"source": {
"discovery": "USER"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
"assignerShortName": "rapid7",
"cveId": "CVE-2021-26908",
"datePublished": "2021-04-23T15:35:20.041Z",
"dateReserved": "2021-02-08T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:26:49.007Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25009 (GCVE-0-2021-25009)
Vulnerability from cvelistv5 – Published: 2022-03-07 08:16 – Updated: 2024-08-03 19:49- CWE-532 - Insertion of Sensitive Information into Log File
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/ce2e3503-9a06-4f… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | CorreosExpress – Shipping Management – Tags |
Affected:
2.6.0 , ≤ 2.6.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:49:14.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/ce2e3503-9a06-4f5c-ae0f-f40e7dfb2903"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CorreosExpress \u2013 Shipping Management \u2013 Tags",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "2.6.0",
"status": "affected",
"version": "2.6.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jos\u00e9 Aguilera"
}
],
"descriptions": [
{
"lang": "en",
"value": "The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T08:16:13.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/ce2e3503-9a06-4f5c-ae0f-f40e7dfb2903"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CorreosExpress \u003c= 2.6.0 - Sensitive Information Disclosure",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-25009",
"STATE": "PUBLIC",
"TITLE": "CorreosExpress \u003c= 2.6.0 - Sensitive Information Disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CorreosExpress \u2013 Shipping Management \u2013 Tags",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.6.0",
"version_value": "2.6.0"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Jos\u00e9 Aguilera"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532 Insertion of Sensitive Information into Log File"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/ce2e3503-9a06-4f5c-ae0f-f40e7dfb2903",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/ce2e3503-9a06-4f5c-ae0f-f40e7dfb2903"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-25009",
"datePublished": "2022-03-07T08:16:13.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:49:14.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23046 (GCVE-0-2021-23046)
Vulnerability from cvelistv5 – Published: 2021-09-14 14:10 – Updated: 2024-08-03 18:58| URL | Tags |
|---|---|
| https://support.f5.com/csp/article/K70652532 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | BIG-IP Guided Configuration |
Affected:
All versions before 8.0.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:26.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K70652532"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP Guided Configuration",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions before 8.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On all versions of Guided Configuration before 8.0.0, when a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-14T14:10:01.000Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.f5.com/csp/article/K70652532"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2021-23046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP Guided Configuration",
"version": {
"version_data": [
{
"version_value": "All versions before 8.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On all versions of Guided Configuration before 8.0.0, when a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K70652532",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K70652532"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2021-23046",
"datePublished": "2021-09-14T14:10:01.000Z",
"dateReserved": "2021-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-03T18:58:26.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.