CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1739 vulnerabilities reference this CWE, most recent first.
GHSA-588W-W6MV-3CW5
Vulnerability from github – Published: 2022-05-13 01:06 – Updated: 2024-09-04 19:59A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the "params" argument, and noting this in the module documentation.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "ansible"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0.0"
},
{
"fixed": "2.4.1.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "ansible"
},
"ranges": [
{
"events": [
{
"introduced": "2.3.0.0"
},
{
"fixed": "2.3.3.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2017-7550"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2023-02-08T18:09:23Z",
"nvd_published_at": "2017-11-21T17:29:00Z",
"severity": "CRITICAL"
},
"details": "A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host\u0027s logs. This flaw was fixed by not allowing passwords to be specified in the \"params\" argument, and noting this in the module documentation.",
"id": "GHSA-588w-w6mv-3cw5",
"modified": "2024-09-04T19:59:34Z",
"published": "2022-05-13T01:06:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7550"
},
{
"type": "WEB",
"url": "https://github.com/ansible/ansible/issues/30874"
},
{
"type": "WEB",
"url": "https://github.com/ansible/ansible/commit/facbf7f14da29eea67ef68ab386fc15bd06d7c7f"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2966"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2017-7550"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473645"
},
{
"type": "PACKAGE",
"url": "https://github.com/ansible/ansible"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2017-4.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Ansible Insertion of Sensitive Information into Log File vulnerability"
}
GHSA-589Q-4FF5-Q295
Vulnerability from github – Published: 2022-11-15 12:00 – Updated: 2022-11-18 00:30Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where the endpoint backing that console was generating service log records of any Python code being run. These service logs included the Foundry token that represents the Code-Workbooks Python console. Upgrade to Code-Workbooks version 4.461.0. This issue affects Palantir Foundry Code-Workbooks version 4.144 to version 4.460.0 and is resolved in 4.461.0.
{
"affected": [],
"aliases": [
"CVE-2022-27896"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-14T21:15:00Z",
"severity": "HIGH"
},
"details": "Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where the endpoint backing that console was generating service log records of any Python code being run. These service logs included the Foundry token that represents the Code-Workbooks Python console. Upgrade to Code-Workbooks version 4.461.0. This issue affects Palantir Foundry Code-Workbooks version 4.144 to version 4.460.0 and is resolved in 4.461.0.",
"id": "GHSA-589q-4ff5-q295",
"modified": "2022-11-18T00:30:20Z",
"published": "2022-11-15T12:00:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27896"
},
{
"type": "WEB",
"url": "https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-08.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-58GV-J5QC-234V
Vulnerability from github – Published: 2026-04-08 03:32 – Updated: 2026-04-08 03:32IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user.
{
"affected": [],
"aliases": [
"CVE-2026-4788"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-08T01:16:41Z",
"severity": "HIGH"
},
"details": "IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user.",
"id": "GHSA-58gv-j5qc-234v",
"modified": "2026-04-08T03:32:13Z",
"published": "2026-04-08T03:32:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4788"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7268267"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-58H3-6JJJ-X58Q
Vulnerability from github – Published: 2025-07-30 18:31 – Updated: 2025-07-30 18:31Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
{
"affected": [],
"aliases": [
"CVE-2025-30105"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-30T18:15:30Z",
"severity": "HIGH"
},
"details": "Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.",
"id": "GHSA-58h3-6jjj-x58q",
"modified": "2025-07-30T18:31:37Z",
"published": "2025-07-30T18:31:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30105"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000337241/dsa-2025-108-security-update-for-dell-emc-xtremio-x2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-58RJ-C7P7-F4H9
Vulnerability from github – Published: 2022-12-09 03:30 – Updated: 2022-12-12 18:30Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information.
{
"affected": [],
"aliases": [
"CVE-2022-33187"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-09T02:15:00Z",
"severity": "MODERATE"
},
"details": "Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information.",
"id": "GHSA-58rj-c7p7-f4h9",
"modified": "2022-12-12T18:30:29Z",
"published": "2022-12-09T03:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33187"
},
{
"type": "WEB",
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2122"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-592J-GC76-G9P7
Vulnerability from github – Published: 2025-04-17 18:31 – Updated: 2026-04-01 18:34Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration allows Retrieve Embedded Sensitive Data. This issue affects WordPress Backup & Migration: from n/a through 1.5.3.
{
"affected": [],
"aliases": [
"CVE-2025-24651"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-17T16:15:33Z",
"severity": "MODERATE"
},
"details": "Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup \u0026 Migration allows Retrieve Embedded Sensitive Data. This issue affects WordPress Backup \u0026 Migration: from n/a through 1.5.3.",
"id": "GHSA-592j-gc76-g9p7",
"modified": "2026-04-01T18:34:46Z",
"published": "2025-04-17T18:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24651"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/wp-migration-duplicator/vulnerability/wordpress-webtoffee-wp-backup-and-migration-plugin-1-5-3-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-595W-9635-GR7C
Vulnerability from github – Published: 2026-05-13 18:30 – Updated: 2026-05-18 15:30When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted.
This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 versions prior to 8.2.9 and v8.3 versions prior to 8.3.2.
{
"affected": [],
"aliases": [
"CVE-2026-8200"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-13T04:17:41Z",
"severity": "MODERATE"
},
"details": "When schema validation is enabled on a collection and an update or insert would violate the collection\u0027s schema, the local server log message generated may not have all user data redacted.\u00a0\n\n\nThis issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 versions prior to 8.2.9 and v8.3 versions prior to 8.3.2.",
"id": "GHSA-595w-9635-gr7c",
"modified": "2026-05-18T15:30:33Z",
"published": "2026-05-13T18:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8200"
},
{
"type": "WEB",
"url": "https://jira.mongodb.org/browse/SERVER-121895"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-59HW-HXF5-WMG6
Vulnerability from github – Published: 2022-05-24 16:52 – Updated: 2024-04-04 01:27In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125).
{
"affected": [],
"aliases": [
"CVE-2016-10819"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-08-01T19:15:00Z",
"severity": "MODERATE"
},
"details": "In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125).",
"id": "GHSA-59hw-hxf5-wmg6",
"modified": "2024-04-04T01:27:27Z",
"published": "2022-05-24T16:52:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10819"
},
{
"type": "WEB",
"url": "https://documentation.cpanel.net/display/CL/58+Change+Log"
},
{
"type": "WEB",
"url": "https://news.cpanel.com/cpanel-tsr-2016-0003-full-disclosure"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-59QP-8H5F-H6H4
Vulnerability from github – Published: 2023-10-26 00:30 – Updated: 2023-11-06 18:30If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts.
{
"affected": [],
"aliases": [
"CVE-2023-46668"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-26T00:15:12Z",
"severity": "CRITICAL"
},
"details": "If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts.",
"id": "GHSA-59qp-8h5f-h6h4",
"modified": "2023-11-06T18:30:17Z",
"published": "2023-10-26T00:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46668"
},
{
"type": "WEB",
"url": "https://discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203"
},
{
"type": "WEB",
"url": "https://www.elastic.co/community/security"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-59WM-XJ7C-3VQ4
Vulnerability from github – Published: 2022-09-29 00:00 – Updated: 2025-05-21 15:30A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.
{
"affected": [],
"aliases": [
"CVE-2022-23716"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-28T20:15:00Z",
"severity": "MODERATE"
},
"details": "A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.",
"id": "GHSA-59wm-xj7c-3vq4",
"modified": "2025-05-21T15:30:27Z",
"published": "2022-09-29T00:00:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23716"
},
{
"type": "WEB",
"url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-1-1-security-update/315317"
},
{
"type": "WEB",
"url": "https://www.elastic.co/community/security"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.