CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1739 vulnerabilities reference this CWE, most recent first.
GHSA-5J89-95RH-FRFJ
Vulnerability from github – Published: 2023-07-06 21:14 – Updated: 2024-04-04 05:42Mattermost Sever fails to redact the DB username and password before emitting an application log during server initialization.
{
"affected": [],
"aliases": [
"CVE-2023-2514"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-12T09:15:10Z",
"severity": "HIGH"
},
"details": "Mattermost Sever fails to redact the DB username and password before emitting an application log during server initialization.\u00a0\n",
"id": "GHSA-5j89-95rh-frfj",
"modified": "2024-04-04T05:42:40Z",
"published": "2023-07-06T21:14:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2514"
},
{
"type": "WEB",
"url": "https://mattermost.com/security-updates"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-5JF9-W976-2JH9
Vulnerability from github – Published: 2022-05-24 17:47 – Updated: 2022-10-26 12:00An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Logged information includes the cleartext username, password, and IP address used to export the PAN-OS configuration to the destination server.
{
"affected": [],
"aliases": [
"CVE-2021-3037"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-20T04:15:00Z",
"severity": "LOW"
},
"details": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Logged information includes the cleartext username, password, and IP address used to export the PAN-OS configuration to the destination server.",
"id": "GHSA-5jf9-w976-2jh9",
"modified": "2022-10-26T12:00:40Z",
"published": "2022-05-24T17:47:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3037"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2021-3037"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-5JFH-X25R-V632
Vulnerability from github – Published: 2022-05-14 01:44 – Updated: 2022-05-14 01:44HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being reported.
{
"affected": [],
"aliases": [
"CVE-2018-19786"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-05T09:29:00Z",
"severity": "HIGH"
},
"details": "HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being reported.",
"id": "GHSA-5jfh-x25r-v632",
"modified": "2022-05-14T01:44:59Z",
"published": "2022-05-14T01:44:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19786"
},
{
"type": "WEB",
"url": "https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#100-december-3rd-2018"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5MPF-HW8F-86W9
Vulnerability from github – Published: 2022-03-16 00:00 – Updated: 2022-11-30 20:44Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their build.xml files. These values are stored unencrypted and can be viewed by users with access to the Jenkins controller file system.
Existing build.xml files are not automatically updated to remove captured environment variables. They need to be manually cleaned up. To help with this, the plugin will report environment variables stored in build.xml as unloadable data in the Old Data Monitor, that allows discarding this data. Build records are only loaded from disk when needed however, so some builds stored in Jenkins may not immediately appear there.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.plugins:parameterized-trigger"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.43.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-27195"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2022-11-30T20:44:33Z",
"nvd_published_at": "2022-03-15T17:15:00Z",
"severity": "LOW"
},
"details": "Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their `build.xml` files. These values are stored unencrypted and can be viewed by users with access to the Jenkins controller file system.\n\nExisting `build.xml` files are not automatically updated to remove captured environment variables. They need to be manually cleaned up. To help with this, the plugin will report environment variables stored in `build.xml` as unloadable data in the Old Data Monitor, that allows discarding this data. Build records are only loaded from disk when needed however, so some builds stored in Jenkins may not immediately appear there.",
"id": "GHSA-5mpf-hw8f-86w9",
"modified": "2022-11-30T20:44:33Z",
"published": "2022-03-16T00:00:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27195"
},
{
"type": "WEB",
"url": "https://github.com/jenkinsci/parameterized-trigger-plugin/commit/6b7cd2272cbd9f97416bff7ea19132b9aad0898d"
},
{
"type": "WEB",
"url": "https://github.com/jenkinsci/parameterized-trigger-plugin/commit/b5ec2b48df3c4f7b4999c4edf137b34fbea694fd"
},
{
"type": "PACKAGE",
"url": "https://github.com/jenkinsci/parameterized-trigger-plugin"
},
{
"type": "WEB",
"url": "https://www.jenkins.io/security/advisory/2022-03-15/#SECURITY-2185"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/03/15/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Sensitive parameter values captured in build metadata files by Jenkins Parameterized Trigger Plugin"
}
GHSA-5MPV-CWQV-8722
Vulnerability from github – Published: 2022-05-13 01:05 – Updated: 2022-05-13 01:05The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file.
{
"affected": [],
"aliases": [
"CVE-2011-1943"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2011-06-14T17:55:00Z",
"severity": "LOW"
},
"details": "The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file.",
"id": "GHSA-5mpv-cwqv-8722",
"modified": "2022-05-13T01:05:23Z",
"published": "2022-05-13T01:05:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1943"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=708876"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68057"
},
{
"type": "WEB",
"url": "http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=78ce088843d59d4494965bfc40b30a2e63d065f6"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061329.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2011/05/31/6"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2011/05/31/7"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-5P63-2CWC-2X43
Vulnerability from github – Published: 2026-05-26 13:30 – Updated: 2026-05-26 13:30Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account (not the default Network Service account) are potentially impacted.
Mitigation: For sites concerned about exposure, the recommended action is to change the Service Account password. They can also delete any installer log files, usually found in %programdata%\Gallagher\Command Centre.
{
"affected": [],
"aliases": [
"CVE-2026-25193"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-25T07:16:14Z",
"severity": "HIGH"
},
"details": "Insertion of Sensitive Information into Log File (CWE-532)\u00a0in some Command Centre Service installers could lead to Service Account credentials exposure.\u202f\nMitigating Factor:\u00a0Only sites that install Command Centre Services with a custom Service Account (not the default Network Service account) are potentially impacted.\n\nMitigation:\u00a0For sites concerned about exposure, the recommended action is to change the Service Account password. They can also delete any installer log files, usually found in %programdata%\\Gallagher\\Command Centre.",
"id": "GHSA-5p63-2cwc-2x43",
"modified": "2026-05-26T13:30:39Z",
"published": "2026-05-26T13:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25193"
},
{
"type": "WEB",
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2026-25193"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5Q4M-VWW4-2RHM
Vulnerability from github – Published: 2022-05-24 16:57 – Updated: 2024-04-04 02:09Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parameters? default values to be part of the application logs leading to Information Disclosure.
{
"affected": [],
"aliases": [
"CVE-2019-0380"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-10-08T20:15:00Z",
"severity": "MODERATE"
},
"details": "Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parameters? default values to be part of the application logs leading to Information Disclosure.",
"id": "GHSA-5q4m-vww4-2rhm",
"modified": "2024-04-04T02:09:42Z",
"published": "2022-05-24T16:57:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0380"
},
{
"type": "WEB",
"url": "https://launchpad.support.sap.com/#/notes/2828682"
},
{
"type": "WEB",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-5Q93-M8W2-XMP8
Vulnerability from github – Published: 2025-03-27 00:31 – Updated: 2025-07-21 21:31In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a search using the permissions of a higher-privileged user that could lead to disclosure of sensitive information.
The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated low-privileged user should not be able to exploit the vulnerability at will.
{
"affected": [],
"aliases": [
"CVE-2025-20231"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-26T22:15:15Z",
"severity": "HIGH"
},
"details": "In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the \u201cadmin\u201c or \u201cpower\u201c Splunk roles could run a search using the permissions of a higher-privileged user that could lead to disclosure of sensitive information.\u003cbr\u003e\u003cbr\u003eThe vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated low-privileged user should not be able to exploit the vulnerability at will.",
"id": "GHSA-5q93-m8w2-xmp8",
"modified": "2025-07-21T21:31:27Z",
"published": "2025-03-27T00:31:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20231"
},
{
"type": "WEB",
"url": "https://advisory.splunk.com/advisories/SVD-2025-0302"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5QP4-PV6P-8GCX
Vulnerability from github – Published: 2026-05-26 13:30 – Updated: 2026-05-26 13:30Insertion of sensitive information into log file vulnerability in syslink software AG Avantra on Linux, Windows allows Resource Leak Exposure.
This issue affects Avantra: before 25.3.0.
{
"affected": [],
"aliases": [
"CVE-2026-8671"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-22T14:16:29Z",
"severity": "HIGH"
},
"details": "Insertion of sensitive information into log file vulnerability in syslink software AG Avantra on Linux, Windows allows Resource Leak Exposure.\n\nThis issue affects Avantra: before 25.3.0.",
"id": "GHSA-5qp4-pv6p-8gcx",
"modified": "2026-05-26T13:30:17Z",
"published": "2026-05-26T13:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8671"
},
{
"type": "WEB",
"url": "https://support.avantra.com/hc/en-us/articles/5535487249183"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-5RC7-2JJ6-MP64
Vulnerability from github – Published: 2026-02-26 20:00 – Updated: 2026-02-26 20:00Impact
The Terraform Provider for Linode versions prior to v3.9.0 logged sensitive information including some passwords, StackScript content, object storage data, and NodeBalancer TLS keys in debug logs without redaction.
Important: Provider debug logging is not enabled by default.
This issue is exposed when debug/provider logs are explicitly enabled (for example in local troubleshooting, CI/CD jobs, or centralized log collection). If enabled, sensitive values may be written to logs and then retained, shared, or exported beyond the original execution environment.
Specifically: - Instance creation operations logged the full InstanceCreateOptions struct containing RootPass and StackScriptData - Instance disk creation logged InstanceDiskCreateOptions containing RootPass and StackscriptData - StackScript update operations logged the complete script content via StackscriptUpdateOptions.Script - Image share group member creation logged tokens in ImageShareGroupAddMemberOptions.Token - Object storage operations logged full PutObjectInput structures containing user data - NodeBalancer config create and update operations logged NodeBalancerConfigCreateOptions and NodeBalancerConfigUpdateOptions containing the SSLKey (TLS private key)
An authenticated user with access to provider debug logs (through log aggregation systems, CI/CD pipelines, or debug output) would thus be able to extract these sensitive credentials.
Patches
Update to version v3.9.0 or later, which sanitizes debug logs by logging only non-sensitive metadata such as labels, regions, and resource IDs while redacting credentials, tokens, keys, scripts, and other sensitive content.
Workarounds and Mitigations
- Disable Terraform/provider debug logging or set it to
WARNlevel or above - To disable the logging, you can unset
TF_LOG_PROVIDERandTF_LOGenvironment variables - Or you can set them to
WARNorERRORlevels to avoid sensitive information logged inINFOandDEBUGlevels. - See Terraform docs for details: https://developer.hashicorp.com/terraform/internals/debugging
- Restrict access to existing and historical logs
- Purge/retention-trim logs that may contain sensitive values
- Rotate potentially exposed secrets/credentials, including:
- Root passwords
- Image share group tokens
- TLS private keys/certificates used in NodeBalancer configs
- StackScript content/secrets if embedded
Credits
This issue was reported to Terraform by Hasan Sheet via Akamai's HackerOne Bug Bounty program.
Resources
https://github.com/linode/terraform-provider-linode/releases/tag/v3.9.0 https://github.com/linode/terraform-provider-linode/pull/2269 https://github.com/linode/terraform-provider-linode/commit/43a925d826b999f0355de3dc7330c55f496824c0
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/linode/terraform-provider-linode/v3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.9.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/linode/terraform-provider-linode/v2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.41.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/linode/terraform-provider-linode"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.30.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-27900"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-26T20:00:12Z",
"nvd_published_at": "2026-02-26T02:16:20Z",
"severity": "MODERATE"
},
"details": "### Impact\nThe Terraform Provider for Linode versions prior to v3.9.0 logged sensitive information including some passwords, StackScript content, object storage data, and NodeBalancer TLS keys in debug logs without redaction.\n\n**Important:** Provider debug logging is **not enabled by default**. \nThis issue is exposed when debug/provider logs are explicitly enabled (for example in local troubleshooting, CI/CD jobs, or centralized log collection). If enabled, sensitive values may be written to logs and then retained, shared, or exported beyond the original execution environment.\n\nSpecifically:\n- Instance creation operations logged the full InstanceCreateOptions struct containing RootPass and StackScriptData\n- Instance disk creation logged InstanceDiskCreateOptions containing RootPass and StackscriptData\n- StackScript update operations logged the complete script content via StackscriptUpdateOptions.Script\n- Image share group member creation logged tokens in ImageShareGroupAddMemberOptions.Token\n- Object storage operations logged full PutObjectInput structures containing user data\n- NodeBalancer config create and update operations logged NodeBalancerConfigCreateOptions and NodeBalancerConfigUpdateOptions containing the SSLKey (TLS private key)\n\nAn authenticated user with access to provider debug logs (through log aggregation systems, CI/CD pipelines, or debug output) would thus be able to extract these sensitive credentials.\n\n### Patches\nUpdate to version v3.9.0 or later, which sanitizes debug logs by logging only non-sensitive metadata such as labels, regions, and resource IDs while redacting credentials, tokens, keys, scripts, and other sensitive content.\n\n### Workarounds and Mitigations\n- Disable Terraform/provider debug logging or set it to `WARN` level or above\n - To disable the logging, you can unset `TF_LOG_PROVIDER` and `TF_LOG` environment variables\n - Or you can set them to `WARN` or `ERROR` levels to avoid sensitive information logged in `INFO` and `DEBUG` levels.\n - See Terraform docs for details: https://developer.hashicorp.com/terraform/internals/debugging\n- Restrict access to existing and historical logs\n- Purge/retention-trim logs that may contain sensitive values\n- Rotate potentially exposed secrets/credentials, including:\n - Root passwords\n - Image share group tokens\n - TLS private keys/certificates used in NodeBalancer configs\n - StackScript content/secrets if embedded\n\n### Credits\nThis issue was reported to Terraform by Hasan Sheet via [Akamai\u0027s HackerOne Bug Bounty program](https://hackerone.com/akamai).\n\n### Resources\nhttps://github.com/linode/terraform-provider-linode/releases/tag/v3.9.0\nhttps://github.com/linode/terraform-provider-linode/pull/2269\nhttps://github.com/linode/terraform-provider-linode/commit/43a925d826b999f0355de3dc7330c55f496824c0",
"id": "GHSA-5rc7-2jj6-mp64",
"modified": "2026-02-26T20:00:12Z",
"published": "2026-02-26T20:00:12Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/linode/terraform-provider-linode/security/advisories/GHSA-5rc7-2jj6-mp64"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27900"
},
{
"type": "WEB",
"url": "https://github.com/linode/terraform-provider-linode/pull/2269"
},
{
"type": "WEB",
"url": "https://github.com/linode/terraform-provider-linode/commit/43a925d826b999f0355de3dc7330c55f496824c0"
},
{
"type": "PACKAGE",
"url": "https://github.com/linode/terraform-provider-linode"
},
{
"type": "WEB",
"url": "https://github.com/linode/terraform-provider-linode/releases/tag/v3.9.0"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/02/26/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Terraform Provider for Linode Debug Logs Vulnerable to Sensitive Information Exposure"
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.