Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1739 vulnerabilities reference this CWE, most recent first.

GHSA-49M7-VP55-6FJX

Vulnerability from github – Published: 2025-02-06 21:32 – Updated: 2025-02-06 21:32
VLAI
Details

Using API in the 2N OS device, authorized user can enable logging, which discloses valid authentication tokens in system log.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-13416"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-06T19:15:19Z",
    "severity": "MODERATE"
  },
  "details": "Using API in the 2N OS device, authorized user can enable logging, which discloses valid authentication tokens in system log.",
  "id": "GHSA-49m7-vp55-6fjx",
  "modified": "2025-02-06T21:32:09Z",
  "published": "2025-02-06T21:32:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13416"
    },
    {
      "type": "WEB",
      "url": "https://www.2n.com/en-GB/download/cve_2024_1341x_2nos_2_46_v1pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4CXW-RRJ3-G8MV

Vulnerability from github – Published: 2022-08-11 00:00 – Updated: 2022-08-13 00:00
VLAI
Details

In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-38133"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-10T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases",
  "id": "GHSA-4cxw-rrj3-g8mv",
  "modified": "2022-08-13T00:00:25Z",
  "published": "2022-08-11T00:00:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38133"
    },
    {
      "type": "WEB",
      "url": "https://www.jetbrains.com/privacy-security/issues-fixed"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4FH9-X6RV-736M

Vulnerability from github – Published: 2024-12-06 15:31 – Updated: 2024-12-06 15:31
VLAI
Details

HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-42196"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-06T15:15:08Z",
    "severity": "MODERATE"
  },
  "details": "HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs.",
  "id": "GHSA-4fh9-x6rv-736m",
  "modified": "2024-12-06T15:31:21Z",
  "published": "2024-12-06T15:31:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42196"
    },
    {
      "type": "WEB",
      "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0117910"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4G6Q-77J7-VVJC

Vulnerability from github – Published: 2023-12-04 15:31 – Updated: 2026-05-08 20:42
VLAI
Summary
Logging of the firestore key within nodejs-firestore
Details

A potential logging of the firestore key via logging within nodejs-firestore exists - Developers who were logging objects through this._settings would be logging the firestore key as well potentially exposing it to anyone with logs read access. We recommend upgrading to version 6.1.0 to avoid this issue

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@google-cloud/firestore"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-6460"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532",
      "CWE-922"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-12-04T23:13:52Z",
    "nvd_published_at": "2023-12-04T13:15:07Z",
    "severity": "MODERATE"
  },
  "details": "A potential logging of the firestore key via logging within nodejs-firestore exists - Developers who were logging objects through this._settings would be logging the firestore key as well potentially exposing it to anyone with logs read access. We recommend upgrading to version 6.1.0 to avoid this issue",
  "id": "GHSA-4g6q-77j7-vvjc",
  "modified": "2026-05-08T20:42:22Z",
  "published": "2023-12-04T15:31:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6460"
    },
    {
      "type": "WEB",
      "url": "https://github.com/googleapis/nodejs-firestore/pull/1742"
    },
    {
      "type": "WEB",
      "url": "https://bughunters.google.com/reports/vrp/KNvgo1Wij"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/googleapis/nodejs-firestore"
    },
    {
      "type": "WEB",
      "url": "https://github.com/googleapis/nodejs-firestore/releases/tag/v6.1.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Logging of the firestore key within nodejs-firestore"
}

GHSA-4G7H-2QWJ-W6HW

Vulnerability from github – Published: 2025-12-04 21:31 – Updated: 2025-12-04 21:31
VLAI
Details

Medtronic CareLink Network allows a local attacker with access to log files on an internal API server to view plaintext passwords from errors logged under certain circumstances. This issue affects CareLink Network: before December 4, 2025.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-12996"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-04T20:16:17Z",
    "severity": "MODERATE"
  },
  "details": "Medtronic CareLink Network allows a local attacker with access to log files on an internal API server to view plaintext passwords from errors logged under certain circumstances. This issue affects CareLink Network: before December 4, 2025.",
  "id": "GHSA-4g7h-2qwj-w6hw",
  "modified": "2025-12-04T21:31:05Z",
  "published": "2025-12-04T21:31:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12996"
    },
    {
      "type": "WEB",
      "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/carelink-network-vulnerabilities.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4GXR-H3CG-2J83

Vulnerability from github – Published: 2022-05-13 01:35 – Updated: 2022-05-13 01:35
VLAI
Details

A vulnerability in the web portal authentication process of Cisco Prime Collaboration Provisioning could allow an unauthenticated, local attacker to view sensitive data. The vulnerability is due to improper logging of authentication data. An attacker could exploit this vulnerability by monitoring a specific World-Readable file for this authentication data (Cleartext Passwords). An exploit could allow the attacker to gain authentication information for other users. Cisco Bug IDs: CSCvd86602.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-0335"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-06-07T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the web portal authentication process of Cisco Prime Collaboration Provisioning could allow an unauthenticated, local attacker to view sensitive data. The vulnerability is due to improper logging of authentication data. An attacker could exploit this vulnerability by monitoring a specific World-Readable file for this authentication data (Cleartext Passwords). An exploit could allow the attacker to gain authentication information for other users. Cisco Bug IDs: CSCvd86602.",
  "id": "GHSA-4gxr-h3cg-2j83",
  "modified": "2022-05-13T01:35:23Z",
  "published": "2022-05-13T01:35:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0335"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-cpcp-id"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/104473"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1041069"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4H8H-Q487-WMVF

Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-05-24 19:03
VLAI
Details

A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logfile when using the jdbc persistence functionality. Versions shipped in Red Hat AMQ 7 are vulnerable.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-3425"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-01T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logfile when using the jdbc persistence functionality. Versions shipped in Red Hat AMQ 7 are vulnerable.",
  "id": "GHSA-4h8h-q487-wmvf",
  "modified": "2022-05-24T19:03:40Z",
  "published": "2022-05-24T19:03:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3425"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1936629"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-4H9V-PF3C-8HJW

Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-05-24 19:17
VLAI
Details

An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-20129"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-13T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs.",
  "id": "GHSA-4h9v-pf3c-8hjw",
  "modified": "2022-05-24T19:17:24Z",
  "published": "2022-05-24T19:17:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20129"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/research/tra-2021-42"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-4HQP-42W7-3HV5

Vulnerability from github – Published: 2023-10-13 18:30 – Updated: 2024-04-04 08:38
VLAI
Details

IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs. IBM X-Force ID: 263833.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-40682"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-13T16:15:11Z",
    "severity": "MODERATE"
  },
  "details": "IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs.  IBM X-Force ID:  263833.",
  "id": "GHSA-4hqp-42w7-3hv5",
  "modified": "2024-04-04T08:38:12Z",
  "published": "2023-10-13T18:30:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40682"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/263833"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7051204"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4J3G-RWWQ-4P54

Vulnerability from github – Published: 2026-02-04 12:31 – Updated: 2026-02-04 20:28
VLAI
Summary
Neo4j Enterprise and Community vulnerable to a potential information disclosure
Details

Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files.

The "obfuscate_literals" option in the query logs does not redact error information, exposing unredacted data in the query log when a customer writes a query that fails. It can allow a user with legitimate access to the local log files to obtain information they are not authorised to see. If this user is also in a position to run queries and trigger errors, this vulnerability can potentially help them to infer information they are not authorised to see through their intended database access.

Neo4j recommends upgrading to versions 2026.01.3 (or 5.26.21) where the issue is fixed, and reviewing query log files permissions to ensure restricted access. If a project's configuration had db.logs.query.obfuscate_literals enabled, and users wish for the obfuscation to cover the error messages as well, theyneed to enable the new configuration setting db.logs.query.obfuscate_errors once they have upgraded Neo4j.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.neo4j:neo4j"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.26.21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.neo4j:neo4j"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2025.01.0"
            },
            {
              "fixed": "2026.01.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-1622"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-04T20:28:55Z",
    "nvd_published_at": "2026-02-04T10:16:04Z",
    "severity": "MODERATE"
  },
  "details": "Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files.\n\nThe \"obfuscate_literals\" option in the query logs does not redact error information, exposing unredacted data in the query log when a customer writes a query that fails. It can allow a user with legitimate access to the local log files to obtain information they are not authorised to see. If this user is also in a position to run queries and trigger errors, this vulnerability can potentially help them to infer information they are not authorised to see through their intended database access.\n\nNeo4j recommends\u00a0upgrading to versions 2026.01.3 (or 5.26.21) where the issue is fixed, and reviewing query log files permissions to ensure restricted access. If a project\u0027s configuration had\u00a0db.logs.query.obfuscate_literals\u00a0enabled, and users wish for the obfuscation to cover the error messages as well, theyneed to enable the new configuration setting\u00a0db.logs.query.obfuscate_errors\u00a0once they have upgraded Neo4j.",
  "id": "GHSA-4j3g-rwwq-4p54",
  "modified": "2026-02-04T20:28:55Z",
  "published": "2026-02-04T12:31:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1622"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/neo4j/neo4j"
    },
    {
      "type": "WEB",
      "url": "https://neo4j.com/security/CVE-2026-1622"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Neo4j Enterprise and Community vulnerable to a potential information disclosure"
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.