Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1739 vulnerabilities reference this CWE, most recent first.

GHSA-3QWG-MV8Q-WH9C

Vulnerability from github – Published: 2022-05-17 03:31 – Updated: 2022-05-17 03:31
VLAI
Details

IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by leveraging unspecified privileges to read a log file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2016-2943"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-11-30T11:59:00Z",
    "severity": "LOW"
  },
  "details": "IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by leveraging unspecified privileges to read a log file.",
  "id": "GHSA-3qwg-mv8q-wh9c",
  "modified": "2022-05-17T03:31:04Z",
  "published": "2022-05-17T03:31:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2943"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV89736"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991960"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94617"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3R5F-38CP-R8X3

Vulnerability from github – Published: 2023-10-04 12:30 – Updated: 2024-02-05 18:31
VLAI
Details

An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-43261"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-04T12:15:10Z",
    "severity": "HIGH"
  },
  "details": "An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components.",
  "id": "GHSA-3r5f-38cp-r8x3",
  "modified": "2024-02-05T18:31:36Z",
  "published": "2023-10-04T12:30:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43261"
    },
    {
      "type": "WEB",
      "url": "https://github.com/win3zz/CVE-2023-43261"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/%40win3zz/inside-the-router-how-i-accessed-industrial-routers-and-reported-the-flaws-29c34213dfdf"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/@win3zz/inside-the-router-how-i-accessed-industrial-routers-and-reported-the-flaws-29c34213dfdf"
    },
    {
      "type": "WEB",
      "url": "https://support.milesight-iot.com/support/home"
    },
    {
      "type": "WEB",
      "url": "http://milesight.com"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/176988/Milesight-UR5X-UR32L-UR32-UR35-UR41-Credential-Leakage.html"
    },
    {
      "type": "WEB",
      "url": "http://ur5x.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3R8Q-7C9H-RFP6

Vulnerability from github – Published: 2023-10-30 18:30 – Updated: 2023-11-07 03:30
VLAI
Details

In User Backup Manager, there is a possible way to leak a token to bypass user confirmation for backup due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-21387"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-30T18:15:09Z",
    "severity": "MODERATE"
  },
  "details": "In User Backup Manager, there is a possible way to leak a token to bypass user confirmation for backup due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-3r8q-7c9h-rfp6",
  "modified": "2023-11-07T03:30:26Z",
  "published": "2023-10-30T18:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21387"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/docs/security/bulletin/android-14"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3RJX-WJ56-X9PM

Vulnerability from github – Published: 2023-10-10 15:30 – Updated: 2024-04-04 08:28
VLAI
Details

When BIG-IP APM Guided Configurations are configured, undisclosed sensitive information may be logged in restnoded log.  

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-39447"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-10T13:15:20Z",
    "severity": "MODERATE"
  },
  "details": "\nWhen BIG-IP APM Guided Configurations are configured, undisclosed sensitive information may be logged in restnoded log.\u00a0\u00a0\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\n\n",
  "id": "GHSA-3rjx-wj56-x9pm",
  "modified": "2024-04-04T08:28:50Z",
  "published": "2023-10-10T15:30:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39447"
    },
    {
      "type": "WEB",
      "url": "https://my.f5.com/manage/s/article/K47756555"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3VM4-3XXH-8FG2

Vulnerability from github – Published: 2023-10-03 03:31 – Updated: 2024-03-07 06:30
VLAI
Details

Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator on Linux allows local users  to gain sensive information.This issue affects Hitachi Ops Center Administrator: before 10.9.3-00.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-3335"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-03T02:15:09Z",
    "severity": "MODERATE"
  },
  "details": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator on Linux allows local users\u00a0 to gain sensive information.This issue affects Hitachi Ops Center Administrator: before 10.9.3-00.\n\n",
  "id": "GHSA-3vm4-3xxh-8fg2",
  "modified": "2024-03-07T06:30:30Z",
  "published": "2023-10-03T03:31:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3335"
    },
    {
      "type": "WEB",
      "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-140/index.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3VMH-W4RR-25J3

Vulnerability from github – Published: 2023-12-21 21:30 – Updated: 2023-12-29 21:30
VLAI
Details

An insertion of sensitive information into the log file in the audit log in GitHub Enterprise Server was identified that could allow an attacker to gain access to the management console. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. 

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-6802"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-21T21:15:14Z",
    "severity": "HIGH"
  },
  "details": "An insertion of sensitive information into the log file in the audit log in GitHub Enterprise Server was identified\u00a0that could allow an attacker to gain access to the management console. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs.\u00a0This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\u00a0",
  "id": "GHSA-3vmh-w4rr-25j3",
  "modified": "2023-12-29T21:30:45Z",
  "published": "2023-12-21T21:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6802"
    },
    {
      "type": "WEB",
      "url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4"
    },
    {
      "type": "WEB",
      "url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1"
    },
    {
      "type": "WEB",
      "url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12"
    },
    {
      "type": "WEB",
      "url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3WCR-5C6G-86GM

Vulnerability from github – Published: 2026-06-04 09:30 – Updated: 2026-06-04 21:31
VLAI
Details

System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-50205"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-04T07:16:28Z",
    "severity": "HIGH"
  },
  "details": "System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data.",
  "id": "GHSA-3wcr-5c6g-86gm",
  "modified": "2026-06-04T21:31:20Z",
  "published": "2026-06-04T09:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50205"
    },
    {
      "type": "WEB",
      "url": "https://community.acer.com/en/kb/articles/19707"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-3WG5-X88W-52FJ

Vulnerability from github – Published: 2024-10-09 18:31 – Updated: 2024-10-17 06:30
VLAI
Details

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-9466"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-09T17:15:20Z",
    "severity": "HIGH"
  },
  "details": "A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.",
  "id": "GHSA-3wg5-x88w-52fj",
  "modified": "2024-10-17T06:30:32Z",
  "published": "2024-10-09T18:31:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9466"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/PAN-SA-2024-0010"
    },
    {
      "type": "WEB",
      "url": "https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Red",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-3WG9-G32R-G6J2

Vulnerability from github – Published: 2023-05-22 09:30 – Updated: 2024-04-04 04:16
VLAI
Details

Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools.

An attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account. Using this information, the attacker could have the potential to exploit this vulnerability to gain control of system nodes.

This issue affects QCS 800xA: from 1.0;0 through 6.1SP2; QCS AC450: from 1.0;0 through 5.1SP2; Platform Engineering Tools: from 1.0:0 through 2.3.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-0010"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-22T08:15:08Z",
    "severity": "MODERATE"
  },
  "details": "Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools.\n\n\nAn attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account. Using this information, the attacker could have the potential to exploit this vulnerability to gain control of system nodes. \n\nThis issue affects QCS 800xA: from 1.0;0 through 6.1SP2; QCS AC450: from 1.0;0 through 5.1SP2; Platform Engineering Tools: from 1.0:0 through 2.3.0.\n\n",
  "id": "GHSA-3wg9-g32r-g6j2",
  "modified": "2024-04-04T04:16:03Z",
  "published": "2023-05-22T09:30:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0010"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUS221709\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.108646530.1437951308.1684739395-1142547495.1678209228"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3X3Q-GHCP-WHF7

Vulnerability from github – Published: 2025-08-15 18:43 – Updated: 2025-09-26 17:19
VLAI
Summary
Template Secret leakage in logs in Scaffolder when using `fetch:template`
Details

A logging flaw in Backstage Scaffolder’s fetch:template action up to @backstage/plugin-scaffolder-backend 2.1.0 may write template secrets to logs. The action emitted a duplicate, pre-redaction copy of input parameters, so values provided via the {{ secrets }} bag could appear in local/server logs when the action ran. Exploitation requires use of the secrets argument and access to Scaffolder/build logs; integrity and availability are unaffected.

  • Fix: upgrade to 2.1.1, which removes the duplicate log path and ensures secrets are redacted.
  • Mitigation: avoid passing {{ secrets }} to fetch:template if upgrade is not possible.

Open an issue in the Backstage repository

Visit our Discord, linked to in Backstage README

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.1.0"
      },
      "package": {
        "ecosystem": "npm",
        "name": "@backstage/plugin-scaffolder-backend"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-55285"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-08-15T18:43:16Z",
    "nvd_published_at": "2025-08-15T18:15:27Z",
    "severity": "LOW"
  },
  "details": "A logging flaw in Backstage Scaffolder\u2019s `fetch:template` action up to `@backstage/plugin-scaffolder-backend` **2.1.0** may write template secrets to logs. The action emitted a duplicate, pre-redaction copy of input parameters, so values provided via the `{{ secrets }}` bag could appear in local/server logs when the action ran. Exploitation requires use of the `secrets` argument and access to Scaffolder/build logs; integrity and availability are unaffected.\n\n*   **Fix:** upgrade to `2.1.1`, which removes the duplicate log path and ensures secrets are redacted.\n*   **Mitigation:** avoid passing `{{ secrets }}` to `fetch:template` if upgrade is not possible.\n\n\u003e Open an issue in the [Backstage repository](https://github.com/backstage/backstage)\n\u003e\n\u003e Visit our Discord, linked to in [Backstage README](https://github.com/backstage/backstage)",
  "id": "GHSA-3x3q-ghcp-whf7",
  "modified": "2025-09-26T17:19:17Z",
  "published": "2025-08-15T18:43:16Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/backstage/backstage/security/advisories/GHSA-3x3q-ghcp-whf7"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55285"
    },
    {
      "type": "WEB",
      "url": "https://github.com/backstage/backstage/commit/c371f6fe12371de31dca537510e6653e287cdc2e"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/backstage/backstage"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Template Secret leakage in logs in Scaffolder when using `fetch:template`"
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.