CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1739 vulnerabilities reference this CWE, most recent first.
GHSA-49M7-VP55-6FJX
Vulnerability from github – Published: 2025-02-06 21:32 – Updated: 2025-02-06 21:32Using API in the 2N OS device, authorized user can enable logging, which discloses valid authentication tokens in system log.
{
"affected": [],
"aliases": [
"CVE-2024-13416"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-06T19:15:19Z",
"severity": "MODERATE"
},
"details": "Using API in the 2N OS device, authorized user can enable logging, which discloses valid authentication tokens in system log.",
"id": "GHSA-49m7-vp55-6fjx",
"modified": "2025-02-06T21:32:09Z",
"published": "2025-02-06T21:32:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13416"
},
{
"type": "WEB",
"url": "https://www.2n.com/en-GB/download/cve_2024_1341x_2nos_2_46_v1pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4CXW-RRJ3-G8MV
Vulnerability from github – Published: 2022-08-11 00:00 – Updated: 2022-08-13 00:00In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases
{
"affected": [],
"aliases": [
"CVE-2022-38133"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-10T16:15:00Z",
"severity": "MODERATE"
},
"details": "In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases",
"id": "GHSA-4cxw-rrj3-g8mv",
"modified": "2022-08-13T00:00:25Z",
"published": "2022-08-11T00:00:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38133"
},
{
"type": "WEB",
"url": "https://www.jetbrains.com/privacy-security/issues-fixed"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4FH9-X6RV-736M
Vulnerability from github – Published: 2024-12-06 15:31 – Updated: 2024-12-06 15:31HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs.
{
"affected": [],
"aliases": [
"CVE-2024-42196"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-06T15:15:08Z",
"severity": "MODERATE"
},
"details": "HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs.",
"id": "GHSA-4fh9-x6rv-736m",
"modified": "2024-12-06T15:31:21Z",
"published": "2024-12-06T15:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42196"
},
{
"type": "WEB",
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0117910"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4G6Q-77J7-VVJC
Vulnerability from github – Published: 2023-12-04 15:31 – Updated: 2026-05-08 20:42A potential logging of the firestore key via logging within nodejs-firestore exists - Developers who were logging objects through this._settings would be logging the firestore key as well potentially exposing it to anyone with logs read access. We recommend upgrading to version 6.1.0 to avoid this issue
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "@google-cloud/firestore"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.1.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-6460"
],
"database_specific": {
"cwe_ids": [
"CWE-532",
"CWE-922"
],
"github_reviewed": true,
"github_reviewed_at": "2023-12-04T23:13:52Z",
"nvd_published_at": "2023-12-04T13:15:07Z",
"severity": "MODERATE"
},
"details": "A potential logging of the firestore key via logging within nodejs-firestore exists - Developers who were logging objects through this._settings would be logging the firestore key as well potentially exposing it to anyone with logs read access. We recommend upgrading to version 6.1.0 to avoid this issue",
"id": "GHSA-4g6q-77j7-vvjc",
"modified": "2026-05-08T20:42:22Z",
"published": "2023-12-04T15:31:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6460"
},
{
"type": "WEB",
"url": "https://github.com/googleapis/nodejs-firestore/pull/1742"
},
{
"type": "WEB",
"url": "https://bughunters.google.com/reports/vrp/KNvgo1Wij"
},
{
"type": "PACKAGE",
"url": "https://github.com/googleapis/nodejs-firestore"
},
{
"type": "WEB",
"url": "https://github.com/googleapis/nodejs-firestore/releases/tag/v6.1.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Logging of the firestore key within nodejs-firestore"
}
GHSA-4G7H-2QWJ-W6HW
Vulnerability from github – Published: 2025-12-04 21:31 – Updated: 2025-12-04 21:31Medtronic CareLink Network allows a local attacker with access to log files on an internal API server to view plaintext passwords from errors logged under certain circumstances. This issue affects CareLink Network: before December 4, 2025.
{
"affected": [],
"aliases": [
"CVE-2025-12996"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-04T20:16:17Z",
"severity": "MODERATE"
},
"details": "Medtronic CareLink Network allows a local attacker with access to log files on an internal API server to view plaintext passwords from errors logged under certain circumstances. This issue affects CareLink Network: before December 4, 2025.",
"id": "GHSA-4g7h-2qwj-w6hw",
"modified": "2025-12-04T21:31:05Z",
"published": "2025-12-04T21:31:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12996"
},
{
"type": "WEB",
"url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/carelink-network-vulnerabilities.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4GXR-H3CG-2J83
Vulnerability from github – Published: 2022-05-13 01:35 – Updated: 2022-05-13 01:35A vulnerability in the web portal authentication process of Cisco Prime Collaboration Provisioning could allow an unauthenticated, local attacker to view sensitive data. The vulnerability is due to improper logging of authentication data. An attacker could exploit this vulnerability by monitoring a specific World-Readable file for this authentication data (Cleartext Passwords). An exploit could allow the attacker to gain authentication information for other users. Cisco Bug IDs: CSCvd86602.
{
"affected": [],
"aliases": [
"CVE-2018-0335"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-06-07T21:29:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the web portal authentication process of Cisco Prime Collaboration Provisioning could allow an unauthenticated, local attacker to view sensitive data. The vulnerability is due to improper logging of authentication data. An attacker could exploit this vulnerability by monitoring a specific World-Readable file for this authentication data (Cleartext Passwords). An exploit could allow the attacker to gain authentication information for other users. Cisco Bug IDs: CSCvd86602.",
"id": "GHSA-4gxr-h3cg-2j83",
"modified": "2022-05-13T01:35:23Z",
"published": "2022-05-13T01:35:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0335"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-cpcp-id"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/104473"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041069"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4H8H-Q487-WMVF
Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-05-24 19:03A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logfile when using the jdbc persistence functionality. Versions shipped in Red Hat AMQ 7 are vulnerable.
{
"affected": [],
"aliases": [
"CVE-2021-3425"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-01T20:15:00Z",
"severity": "MODERATE"
},
"details": "A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logfile when using the jdbc persistence functionality. Versions shipped in Red Hat AMQ 7 are vulnerable.",
"id": "GHSA-4h8h-q487-wmvf",
"modified": "2022-05-24T19:03:40Z",
"published": "2022-05-24T19:03:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3425"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1936629"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-4H9V-PF3C-8HJW
Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-05-24 19:17An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs.
{
"affected": [],
"aliases": [
"CVE-2021-20129"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-13T16:15:00Z",
"severity": "HIGH"
},
"details": "An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs.",
"id": "GHSA-4h9v-pf3c-8hjw",
"modified": "2022-05-24T19:17:24Z",
"published": "2022-05-24T19:17:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20129"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/research/tra-2021-42"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-4HQP-42W7-3HV5
Vulnerability from github – Published: 2023-10-13 18:30 – Updated: 2024-04-04 08:38IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs. IBM X-Force ID: 263833.
{
"affected": [],
"aliases": [
"CVE-2023-40682"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-13T16:15:11Z",
"severity": "MODERATE"
},
"details": "IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs. IBM X-Force ID: 263833.",
"id": "GHSA-4hqp-42w7-3hv5",
"modified": "2024-04-04T08:38:12Z",
"published": "2023-10-13T18:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40682"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/263833"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7051204"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4J3G-RWWQ-4P54
Vulnerability from github – Published: 2026-02-04 12:31 – Updated: 2026-02-04 20:28Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files.
The "obfuscate_literals" option in the query logs does not redact error information, exposing unredacted data in the query log when a customer writes a query that fails. It can allow a user with legitimate access to the local log files to obtain information they are not authorised to see. If this user is also in a position to run queries and trigger errors, this vulnerability can potentially help them to infer information they are not authorised to see through their intended database access.
Neo4j recommends upgrading to versions 2026.01.3 (or 5.26.21) where the issue is fixed, and reviewing query log files permissions to ensure restricted access. If a project's configuration had db.logs.query.obfuscate_literals enabled, and users wish for the obfuscation to cover the error messages as well, theyneed to enable the new configuration setting db.logs.query.obfuscate_errors once they have upgraded Neo4j.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.neo4j:neo4j"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.26.21"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.neo4j:neo4j"
},
"ranges": [
{
"events": [
{
"introduced": "2025.01.0"
},
{
"fixed": "2026.01.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-1622"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-04T20:28:55Z",
"nvd_published_at": "2026-02-04T10:16:04Z",
"severity": "MODERATE"
},
"details": "Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files.\n\nThe \"obfuscate_literals\" option in the query logs does not redact error information, exposing unredacted data in the query log when a customer writes a query that fails. It can allow a user with legitimate access to the local log files to obtain information they are not authorised to see. If this user is also in a position to run queries and trigger errors, this vulnerability can potentially help them to infer information they are not authorised to see through their intended database access.\n\nNeo4j recommends\u00a0upgrading to versions 2026.01.3 (or 5.26.21) where the issue is fixed, and reviewing query log files permissions to ensure restricted access. If a project\u0027s configuration had\u00a0db.logs.query.obfuscate_literals\u00a0enabled, and users wish for the obfuscation to cover the error messages as well, theyneed to enable the new configuration setting\u00a0db.logs.query.obfuscate_errors\u00a0once they have upgraded Neo4j.",
"id": "GHSA-4j3g-rwwq-4p54",
"modified": "2026-02-04T20:28:55Z",
"published": "2026-02-04T12:31:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1622"
},
{
"type": "PACKAGE",
"url": "https://github.com/neo4j/neo4j"
},
{
"type": "WEB",
"url": "https://neo4j.com/security/CVE-2026-1622"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Neo4j Enterprise and Community vulnerable to a potential information disclosure"
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.