Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1739 vulnerabilities reference this CWE, most recent first.

GHSA-588W-W6MV-3CW5

Vulnerability from github – Published: 2022-05-13 01:06 – Updated: 2024-09-04 19:59
VLAI
Summary
Ansible Insertion of Sensitive Information into Log File vulnerability
Details

A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host's logs. This flaw was fixed by not allowing passwords to be specified in the "params" argument, and noting this in the module documentation.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0.0"
            },
            {
              "fixed": "2.4.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0.0"
            },
            {
              "fixed": "2.3.3.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-7550"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-02-08T18:09:23Z",
    "nvd_published_at": "2017-11-21T17:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host\u0027s logs. This flaw was fixed by not allowing passwords to be specified in the \"params\" argument, and noting this in the module documentation.",
  "id": "GHSA-588w-w6mv-3cw5",
  "modified": "2024-09-04T19:59:34Z",
  "published": "2022-05-13T01:06:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7550"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/issues/30874"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/commit/facbf7f14da29eea67ef68ab386fc15bd06d7c7f"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:2966"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2017-7550"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473645"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ansible/ansible"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2017-4.yaml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Ansible Insertion of Sensitive Information into Log File vulnerability"
}

GHSA-589Q-4FF5-Q295

Vulnerability from github – Published: 2022-11-15 12:00 – Updated: 2022-11-18 00:30
VLAI
Details

Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where the endpoint backing that console was generating service log records of any Python code being run. These service logs included the Foundry token that represents the Code-Workbooks Python console. Upgrade to Code-Workbooks version 4.461.0. This issue affects Palantir Foundry Code-Workbooks version 4.144 to version 4.460.0 and is resolved in 4.461.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-27896"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-14T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where the endpoint backing that console was generating service log records of any Python code being run. These service logs included the Foundry token that represents the Code-Workbooks Python console. Upgrade to Code-Workbooks version 4.461.0. This issue affects Palantir Foundry Code-Workbooks version 4.144 to version 4.460.0 and is resolved in 4.461.0.",
  "id": "GHSA-589q-4ff5-q295",
  "modified": "2022-11-18T00:30:20Z",
  "published": "2022-11-15T12:00:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27896"
    },
    {
      "type": "WEB",
      "url": "https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-08.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-58GV-J5QC-234V

Vulnerability from github – Published: 2026-04-08 03:32 – Updated: 2026-04-08 03:32
VLAI
Details

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-4788"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-08T01:16:41Z",
    "severity": "HIGH"
  },
  "details": "IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user.",
  "id": "GHSA-58gv-j5qc-234v",
  "modified": "2026-04-08T03:32:13Z",
  "published": "2026-04-08T03:32:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4788"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7268267"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-58H3-6JJJ-X58Q

Vulnerability from github – Published: 2025-07-30 18:31 – Updated: 2025-07-30 18:31
VLAI
Details

Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-30105"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-30T18:15:30Z",
    "severity": "HIGH"
  },
  "details": "Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.",
  "id": "GHSA-58h3-6jjj-x58q",
  "modified": "2025-07-30T18:31:37Z",
  "published": "2025-07-30T18:31:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30105"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000337241/dsa-2025-108-security-update-for-dell-emc-xtremio-x2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-58RJ-C7P7-F4H9

Vulnerability from github – Published: 2022-12-09 03:30 – Updated: 2022-12-12 18:30
VLAI
Details

Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-33187"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-09T02:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information.",
  "id": "GHSA-58rj-c7p7-f4h9",
  "modified": "2022-12-12T18:30:29Z",
  "published": "2022-12-09T03:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33187"
    },
    {
      "type": "WEB",
      "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2122"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-592J-GC76-G9P7

Vulnerability from github – Published: 2025-04-17 18:31 – Updated: 2026-04-01 18:34
VLAI
Details

Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration allows Retrieve Embedded Sensitive Data. This issue affects WordPress Backup & Migration: from n/a through 1.5.3.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-24651"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-17T16:15:33Z",
    "severity": "MODERATE"
  },
  "details": "Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup \u0026 Migration allows Retrieve Embedded Sensitive Data. This issue affects WordPress Backup \u0026 Migration: from n/a through 1.5.3.",
  "id": "GHSA-592j-gc76-g9p7",
  "modified": "2026-04-01T18:34:46Z",
  "published": "2025-04-17T18:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24651"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/wp-migration-duplicator/vulnerability/wordpress-webtoffee-wp-backup-and-migration-plugin-1-5-3-sensitive-data-exposure-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-595W-9635-GR7C

Vulnerability from github – Published: 2026-05-13 18:30 – Updated: 2026-05-18 15:30
VLAI
Details

When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. 

This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 versions prior to 8.2.9 and v8.3 versions prior to 8.3.2.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-8200"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-13T04:17:41Z",
    "severity": "MODERATE"
  },
  "details": "When schema validation is enabled on a collection and an update or insert would violate the collection\u0027s schema, the local server log message generated may not have all user data redacted.\u00a0\n\n\nThis issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 versions prior to 8.2.9 and v8.3 versions prior to 8.3.2.",
  "id": "GHSA-595w-9635-gr7c",
  "modified": "2026-05-18T15:30:33Z",
  "published": "2026-05-13T18:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8200"
    },
    {
      "type": "WEB",
      "url": "https://jira.mongodb.org/browse/SERVER-121895"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-59HW-HXF5-WMG6

Vulnerability from github – Published: 2022-05-24 16:52 – Updated: 2024-04-04 01:27
VLAI
Details

In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2016-10819"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-08-01T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125).",
  "id": "GHSA-59hw-hxf5-wmg6",
  "modified": "2024-04-04T01:27:27Z",
  "published": "2022-05-24T16:52:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10819"
    },
    {
      "type": "WEB",
      "url": "https://documentation.cpanel.net/display/CL/58+Change+Log"
    },
    {
      "type": "WEB",
      "url": "https://news.cpanel.com/cpanel-tsr-2016-0003-full-disclosure"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-59QP-8H5F-H6H4

Vulnerability from github – Published: 2023-10-26 00:30 – Updated: 2023-11-06 18:30
VLAI
Details

If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-46668"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-26T00:15:12Z",
    "severity": "CRITICAL"
  },
  "details": "If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts.",
  "id": "GHSA-59qp-8h5f-h6h4",
  "modified": "2023-11-06T18:30:17Z",
  "published": "2023-10-26T00:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46668"
    },
    {
      "type": "WEB",
      "url": "https://discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203"
    },
    {
      "type": "WEB",
      "url": "https://www.elastic.co/community/security"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-59WM-XJ7C-3VQ4

Vulnerability from github – Published: 2022-09-29 00:00 – Updated: 2025-05-21 15:30
VLAI
Details

A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-23716"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-28T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.",
  "id": "GHSA-59wm-xj7c-3vq4",
  "modified": "2025-05-21T15:30:27Z",
  "published": "2022-09-29T00:00:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23716"
    },
    {
      "type": "WEB",
      "url": "https://discuss.elastic.co/t/elastic-cloud-enterprise-3-1-1-security-update/315317"
    },
    {
      "type": "WEB",
      "url": "https://www.elastic.co/community/security"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.