CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1742 vulnerabilities reference this CWE, most recent first.
GHSA-2CMF-8P7P-W9M7
Vulnerability from github – Published: 2024-01-13 00:30 – Updated: 2024-01-13 00:30A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file modifyuser.php. The manipulation of the argument mname leads to information disclosure. The exploit has been disclosed to the public and may be used. The identifier VDB-250577 was assigned to this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2024-0472"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-12T22:15:45Z",
"severity": "LOW"
},
"details": "A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file modifyuser.php. The manipulation of the argument mname leads to information disclosure. The exploit has been disclosed to the public and may be used. The identifier VDB-250577 was assigned to this vulnerability.",
"id": "GHSA-2cmf-8p7p-w9m7",
"modified": "2024-01-13T00:30:25Z",
"published": "2024-01-13T00:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0472"
},
{
"type": "WEB",
"url": "https://github.com/yingqian1984/FirePunch/blob/main/7-Dormitory%20Management%20System%20has%20Database%20information%20leakage%20modifyuser.php.pdf"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.250577"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.250577"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2CVF-R9JM-4QM9
Vulnerability from github – Published: 2022-05-13 01:14 – Updated: 2024-09-13 15:15A vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive configuration data to log files without DEBUG logging being activated.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "ceilometer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "12.0.0.0rc1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-3830"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2023-07-19T20:01:06Z",
"nvd_published_at": "2019-03-26T18:29:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in ceilometer before version 12.0.0.0rc1. An Information Exposure in ceilometer-agent prints sensitive configuration data to log files without DEBUG logging being activated.",
"id": "GHSA-2cvf-r9jm-4qm9",
"modified": "2024-09-13T15:15:21Z",
"published": "2022-05-13T01:14:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3830"
},
{
"type": "WEB",
"url": "https://github.com/openstack/ceilometer/commit/8881a42af169a2d7c912b1434911f978883c83f3"
},
{
"type": "WEB",
"url": "https://github.com/openstack/ceilometer/commit/8881a42af169a2d7c912b1434911f978883c83f3#diff-f2d2273521cce7e69f7032c6185936736a5acc70b2b2f90d956b9a7998b087cd"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:0919"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3830"
},
{
"type": "PACKAGE",
"url": "https://github.com/openstack/ceilometer"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/ceilometer/PYSEC-2019-78.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Ceilometer Prints Sensitive Configuration Data to Log"
}
GHSA-2FC7-57PG-9G23
Vulnerability from github – Published: 2024-02-17 18:30 – Updated: 2024-02-17 18:30IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279977.
{
"affected": [],
"aliases": [
"CVE-2024-22337"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-17T16:15:47Z",
"severity": "MODERATE"
},
"details": "IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 279977.",
"id": "GHSA-2fc7-57pg-9g23",
"modified": "2024-02-17T18:30:31Z",
"published": "2024-02-17T18:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22337"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279977"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7118642"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2GHV-58HC-7529
Vulnerability from github – Published: 2022-05-24 16:44 – Updated: 2024-04-04 00:05aquaverde Aquarius CMS through 4.3.5 allows Information Exposure through Log Files because of an error in the Log-File writer component.
{
"affected": [],
"aliases": [
"CVE-2019-9724"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-24T14:29:00Z",
"severity": "HIGH"
},
"details": "aquaverde Aquarius CMS through 4.3.5 allows Information Exposure through Log Files because of an error in the Log-File writer component.",
"id": "GHSA-2ghv-58hc-7529",
"modified": "2024-04-04T00:05:11Z",
"published": "2022-05-24T16:44:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9724"
},
{
"type": "WEB",
"url": "https://github.com/aquaverde/aquarius-core/commit/d1dfa5b8280388a0b6f2f341f0681522dbea03b0"
},
{
"type": "WEB",
"url": "https://www.tryption.ch/de/2019/04/19/information-disclosure-im-aquarius-cms"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2GJ9-8RM6-PV54
Vulnerability from github – Published: 2025-05-28 09:31 – Updated: 2025-05-28 09:31A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least read-only admin permissions to view encrypted secrets via the FortiPortal System Log.
{
"affected": [],
"aliases": [
"CVE-2025-46777"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-28T08:15:22Z",
"severity": "LOW"
},
"details": "A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least read-only admin permissions to view encrypted secrets via the FortiPortal System Log.",
"id": "GHSA-2gj9-8rm6-pv54",
"modified": "2025-05-28T09:31:27Z",
"published": "2025-05-28T09:31:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46777"
},
{
"type": "WEB",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-380"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2H4F-VPMV-8MR9
Vulnerability from github – Published: 2024-03-07 21:30 – Updated: 2024-03-07 21:30IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to view sensitive log information after enumerating filenames. IBM X-Force ID: 269408.
{
"affected": [],
"aliases": [
"CVE-2023-46171"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-07T21:15:07Z",
"severity": "MODERATE"
},
"details": "IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to view sensitive log information after enumerating filenames. IBM X-Force ID: 269408.",
"id": "GHSA-2h4f-vpmv-8mr9",
"modified": "2024-03-07T21:30:21Z",
"published": "2024-03-07T21:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46171"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/269408"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7130084"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2H6R-JW9F-853P
Vulnerability from github – Published: 2023-12-12 03:31 – Updated: 2023-12-13 21:30A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2. An app may be able to access sensitive user data.
{
"affected": [],
"aliases": [
"CVE-2023-42927"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-12T01:15:12Z",
"severity": "MODERATE"
},
"details": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2. An app may be able to access sensitive user data.",
"id": "GHSA-2h6r-jw9f-853p",
"modified": "2023-12-13T21:30:29Z",
"published": "2023-12-12T03:31:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42927"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT214035"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT214036"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT214041"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Dec/13"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Dec/7"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Dec/9"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2HG5-44F2-X8XW
Vulnerability from github – Published: 2022-05-17 02:57 – Updated: 2022-05-17 02:57An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access configuration and log files (PRIVILEGE ESCALATION).
{
"affected": [],
"aliases": [
"CVE-2016-8346"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-02-13T21:59:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access configuration and log files (PRIVILEGE ESCALATION).",
"id": "GHSA-2hg5-44f2-x8xw",
"modified": "2022-05-17T02:57:57Z",
"published": "2022-05-17T02:57:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8346"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-294-01"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/93800"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2HG9-7GHW-WRH4
Vulnerability from github – Published: 2022-05-13 01:45 – Updated: 2022-05-13 01:45An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x versions prior to 1.7.48, 1.8.x versions prior to 1.8.28, and 1.9.x versions prior to 1.9.5. Several credentials were present in the logs for the Notifications errand in the PCF Elastic Runtime tile.
{
"affected": [],
"aliases": [
"CVE-2017-4955"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-06-13T06:29:00Z",
"severity": "CRITICAL"
},
"details": "An issue was discovered in Pivotal PCF Elastic Runtime 1.6.x versions prior to 1.6.65, 1.7.x versions prior to 1.7.48, 1.8.x versions prior to 1.8.28, and 1.9.x versions prior to 1.9.5. Several credentials were present in the logs for the Notifications errand in the PCF Elastic Runtime tile.",
"id": "GHSA-2hg9-7ghw-wrh4",
"modified": "2022-05-13T01:45:59Z",
"published": "2022-05-13T01:45:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-4955"
},
{
"type": "WEB",
"url": "https://pivotal.io/security/cve-2017-4955"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/97082"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-2HJR-VMF3-XWVP
Vulnerability from github – Published: 2024-07-26 06:30 – Updated: 2024-07-26 14:18An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessive logging. This issue only affects users that use Watcher and have a Watch defined that uses the search input and additionally have set the search input’s logger to DEBUG or finer, for example using: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch.xpack.watcher.input, org.elasticsearch.xpack.watcher, or wider, since the loggers are hierarchical.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.elasticsearch:elasticsearch"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7.17.16"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.elasticsearch:elasticsearch"
},
"ranges": [
{
"events": [
{
"introduced": "8.0.0"
},
{
"fixed": "8.11.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-49921"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2024-07-26T14:18:08Z",
"nvd_published_at": "2024-07-26T05:15:10Z",
"severity": "MODERATE"
},
"details": "An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessive logging. This issue only affects users that use Watcher and have a Watch defined that uses the search input and additionally have set the search input\u2019s logger to DEBUG or finer, for example using: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch.xpack.watcher.input, org.elasticsearch.xpack.watcher, or wider, since the loggers are hierarchical.",
"id": "GHSA-2hjr-vmf3-xwvp",
"modified": "2024-07-26T14:18:08Z",
"published": "2024-07-26T06:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49921"
},
{
"type": "WEB",
"url": "https://discuss.elastic.co/t/elasticsearch-8-11-2-7-17-16-security-update-esa-2023-29/349179"
},
{
"type": "PACKAGE",
"url": "https://github.com/elastic/elasticsearch"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Elasticsearch Insertion of Sensitive Information into Log File"
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.