Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1738 vulnerabilities reference this CWE, most recent first.

GHSA-5V2Q-HW2Q-3VHQ

Vulnerability from github – Published: 2022-05-13 01:22 – Updated: 2022-05-13 01:22
VLAI
Details

RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users' session information is logged in plain text in the RSA Archer log files. An authenticated malicious local user with access to the log files may obtain the exposed information to use it in further attacks.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-3715"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-03-13T21:29:00Z",
    "severity": "MODERATE"
  },
  "details": "RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users\u0027 session information is logged in plain text in the RSA Archer log files. An authenticated malicious local user with access to the log files may obtain the exposed information to use it in further attacks.",
  "id": "GHSA-5v2q-hw2q-3vhq",
  "modified": "2022-05-13T01:22:27Z",
  "published": "2022-05-13T01:22:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3715"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/fulldisclosure/2019/Mar/19"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/107443"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5V5X-X8HH-7FFJ

Vulnerability from github – Published: 2023-04-04 15:30 – Updated: 2023-04-10 21:30
VLAI
Details

In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-48435"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-04T14:15:00Z",
    "severity": "LOW"
  },
  "details": "In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file",
  "id": "GHSA-5v5x-x8hh-7ffj",
  "modified": "2023-04-10T21:30:23Z",
  "published": "2023-04-04T15:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48435"
    },
    {
      "type": "WEB",
      "url": "https://www.jetbrains.com/privacy-security/issues-fixed"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5VVG-PVHP-HV2M

Vulnerability from github – Published: 2024-10-24 22:42 – Updated: 2025-01-21 17:58
VLAI
Summary
The Snowflake Connector for Python stores sensitive data in logs
Details

Issue

Snowflake recently learned about and remediated a set of vulnerabilities in the Snowflake Connector for Python. Under specific conditions, certain users credentials (or portions of those credentials) were logged locally by the Connector to the users own systems. The credentials were not logged by Snowflake.

These vulnerabilities affect versions up to and including 3.12.2. Snowflake fixed the issue in version 3.12.3.

Vulnerability Details

When the logging level was set by the user to DEBUG, the Connector could have logged Duo passcodes (when specified via the “passcode” parameter) and Azure SAS tokens. Additionally, the SecretDetector logging formatter, if enabled, contained bugs which caused it to not fully redact JWT tokens and certain private key formats.

Solution

Snowflake released version 3.12.3 of the Snowflake Connector for Python, which fixes these issues. We recommend users upgrade to version 3.12.3 and review their logs for any potentially sensitive information that may have been captured.

Additional Information

If you discover a security vulnerability in one of our products or websites, please report the issue to HackerOne. For more information, please see our Vulnerability Disclosure Policy.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "snowflake-connector-python"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.12.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-49750"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-10-24T22:42:26Z",
    "nvd_published_at": "2024-10-24T22:15:04Z",
    "severity": "MODERATE"
  },
  "details": "### Issue\nSnowflake recently learned about and remediated a set of vulnerabilities in the Snowflake Connector for Python. Under specific conditions, certain users credentials (or portions of those credentials) were logged locally by the Connector to the users own systems. The credentials were not logged by Snowflake.\n\nThese vulnerabilities affect versions up to and including 3.12.2. Snowflake fixed the issue in version 3.12.3.\n\n### Vulnerability Details\nWhen the logging level was set by the user to DEBUG, the Connector could have logged Duo passcodes (when specified via the \u201cpasscode\u201d parameter) and Azure SAS tokens. Additionally, the [SecretDetector](https://docs.snowflake.com/en/developer-guide/python-connector/python-connector-example#logging) logging formatter, if enabled, contained bugs which caused it to not fully redact JWT tokens and certain private key formats.\n\n### Solution\nSnowflake released version 3.12.3 of the Snowflake Connector for Python, which fixes these issues. We recommend users upgrade to version 3.12.3 and review their logs for any potentially sensitive information that may have been captured.\n\n### Additional Information\nIf you discover a security vulnerability in one of our products or websites, please report the issue to HackerOne. For more information, please see our [Vulnerability Disclosure Policy](https://hackerone.com/snowflake?type=team).",
  "id": "GHSA-5vvg-pvhp-hv2m",
  "modified": "2025-01-21T17:58:50Z",
  "published": "2024-10-24T22:42:26Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-5vvg-pvhp-hv2m"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49750"
    },
    {
      "type": "WEB",
      "url": "https://github.com/snowflakedb/snowflake-connector-python/commit/dbc9284a3c0382c131b971b35e8d6ab93c46f37a"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/snowflake-connector-python/PYSEC-2024-191.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/snowflakedb/snowflake-connector-python"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "The Snowflake Connector for Python stores sensitive data in logs"
}

GHSA-5W92-HHCH-JQV7

Vulnerability from github – Published: 2025-01-16 09:30 – Updated: 2025-01-16 09:30
VLAI
Details

In affected versions of the Octopus Kubernetes worker or agent, sensitive variables could be written to the Kubernetes script pod log in clear-text. This was identified in Version 2 however it was determined that this could also be achieved in Version 1 and the fix was applied to both versions accordingly.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-12226"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-16T07:15:26Z",
    "severity": "MODERATE"
  },
  "details": "In affected versions of the Octopus Kubernetes worker or agent, sensitive variables could be written to the Kubernetes script pod log in clear-text. This was identified in Version 2 however it was determined that this could also be achieved in Version 1 and the fix was applied to both versions accordingly.",
  "id": "GHSA-5w92-hhch-jqv7",
  "modified": "2025-01-16T09:30:36Z",
  "published": "2025-01-16T09:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12226"
    },
    {
      "type": "WEB",
      "url": "https://advisories.octopus.com/post/2024/sa2024-10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5WMG-9CVH-QW25

Vulnerability from github – Published: 2024-11-05 17:34 – Updated: 2024-11-05 21:37
VLAI
Summary
@workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled
Details

Impact

Refresh tokens are logged to the console when the disabled by default debug flag, is enabled.

Patches

Patched in https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@workos-inc/authkit-nextjs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.13.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-51752"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-11-05T17:34:23Z",
    "nvd_published_at": "2024-11-05T20:15:15Z",
    "severity": "LOW"
  },
  "details": "### Impact\nRefresh tokens are logged to the console when the disabled by default `debug` flag, is enabled.\n\n### Patches\nPatched in [https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2](https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2)\n",
  "id": "GHSA-5wmg-9cvh-qw25",
  "modified": "2024-11-05T21:37:24Z",
  "published": "2024-11-05T17:34:23Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/workos/authkit-nextjs/security/advisories/GHSA-5wmg-9cvh-qw25"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51752"
    },
    {
      "type": "WEB",
      "url": "https://github.com/workos/authkit-nextjs/commit/15a332632f7560b03cc6d8cc8da24fd2ac931da7"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/workos/authkit-nextjs"
    },
    {
      "type": "WEB",
      "url": "https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
      "type": "CVSS_V4"
    }
  ],
  "summary": "@workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled"
}

GHSA-5WWR-98RP-48M6

Vulnerability from github – Published: 2024-04-23 06:30 – Updated: 2024-04-23 06:30
VLAI
Details

Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator allows local users to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 11.0.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-6833"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-23T06:15:06Z",
    "severity": "MODERATE"
  },
  "details": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator allows local users to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 11.0.1.\n\n",
  "id": "GHSA-5wwr-98rp-48m6",
  "modified": "2024-04-23T06:30:47Z",
  "published": "2024-04-23T06:30:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6833"
    },
    {
      "type": "WEB",
      "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-121/index.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5WXR-W449-57CM

Vulnerability from github – Published: 2026-05-20 15:32 – Updated: 2026-05-20 15:32
VLAI
Summary
Setup PHP: GitHub tokens configured by setup-php may be exposed through pinned affected Composer versions
Details

Impact

This affects only workflows that pin an exact affected Composer semver version through setup-php, for example tools: composer:2.9.7.

Workflows using the default Composer version, composer:v2, or no pinned Composer version are not affected through setup-php, because those Composer URLs have been updated to patched Composer releases for all setup-php versions.

setup-php does not directly print the token. The token may be exposed through Composer when Composer validates github-oauth auth and rejects GitHub's newer hyphen-containing token format.

Public repository logs may expose the token. GitHub-hosted runner GITHUB_TOKEN values expire after the job, but exposure may still matter during the token lifetime and for longer-lived GitHub App or user tokens.

Patches

setup-php 2.37.1 skips generated GitHub OAuth auth for pinned Composer versions affected by Composer GHSA-f9f8-rm49-7jv2 while preserving other Composer auth, including Packagist auth.

Workarounds

Upgrade to setup-php 2.37.1 or newer. You can also avoid the affected path by using a patched Composer version: 2.9.8, 2.2.28, 1.10.28, or newer supported Composer releases.

It is recommended to avoid pinning affected Composer versions such as composer:2.9.7, unless you have automations to do timely updates in your workflows.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "GitHub Actions",
        "name": "shivammathur/setup-php"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.37.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-20T15:32:31Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Impact\nThis affects only workflows that pin an exact affected Composer semver version through setup-php, for example `tools: composer:2.9.7`.\n\nWorkflows using the default Composer version, `composer:v2`, or no pinned Composer version are not affected through setup-php, because those Composer URLs have been updated to patched Composer releases for all setup-php versions.\n\nsetup-php does not directly print the token. The token may be exposed through Composer when Composer validates github-oauth auth and rejects GitHub\u0027s newer hyphen-containing token format.\n\nPublic repository logs may expose the token. GitHub-hosted runner GITHUB_TOKEN values expire after the job, but exposure may still matter during the token lifetime and for longer-lived GitHub App or user tokens.\n\n### Patches\nsetup-php 2.37.1 skips generated GitHub OAuth auth for pinned Composer versions affected by Composer GHSA-f9f8-rm49-7jv2 while preserving other Composer auth, including Packagist auth.\n\n### Workarounds\nUpgrade to setup-php `2.37.1` or newer. You can also avoid the affected path by using a patched Composer version: 2.9.8, 2.2.28, 1.10.28, or newer supported Composer releases.\n\nIt is recommended to avoid pinning affected Composer versions such as `composer:2.9.7`, unless you have automations to do timely updates in your workflows.",
  "id": "GHSA-5wxr-w449-57cm",
  "modified": "2026-05-20T15:32:31Z",
  "published": "2026-05-20T15:32:31Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2"
    },
    {
      "type": "WEB",
      "url": "https://github.com/shivammathur/setup-php/security/advisories/GHSA-5wxr-w449-57cm"
    },
    {
      "type": "WEB",
      "url": "https://github.com/shivammathur/setup-php/commit/7748c243803a56671412f9f7c745769e9573c6d4"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/shivammathur/setup-php"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Setup PHP: GitHub tokens configured by setup-php may be exposed through pinned affected Composer versions"
}

GHSA-5X67-M8GC-WM3P

Vulnerability from github – Published: 2026-06-23 21:30 – Updated: 2026-06-24 18:32
VLAI
Details

Module: plugins/modules/keyring_info.py

CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Issue: The module retrieves a passphrase from the OS native keyring (GNOME Keyring, macOS Keychain, Windows Credential Manager) and places it directly into result["passphrase"] with no output suppression, no no_log protection, and no documentation warning.

Root Cause:

Line 105 (protected): keyring_password=dict(type="str", required=True, no_log=True) Line 127 (NOT protected): result["passphrase"] = passphrase

Observed Output:

{ "changed": false, "passphrase": "MyMasterP@ssw0rd!SSH_Key_Secret" } Visible via register + debug: { "keyring_result": { "changed": false, "passphrase": "MyMasterP@ssw0rd!SSH_Key_Secret" } }

Impact:

Master passwords, SSH key passphrases and service credentials appear in all Ansible output

register: keyring_result followed by debug: var=keyring_result prints passphrase in full

Ansible fact caching backends (Redis, JSON file, memcached) may persist the passphrase

AWX/Tower job logs silently store the live credential

Fix:

module.exit_json(changed=False, passphrase=passphrase, _ansible_no_log=True)

Also add a documentation warning requiring callers to use no_log: true at the task level.

PoCs

Fig 1: PoC execution showing passphrase in plaintext output

Fig 2: Source code showing no_log=True on input (line 105) vs unprotected output (line 127)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-11819"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-23T21:16:54Z",
    "severity": "MODERATE"
  },
  "details": "Module: plugins/modules/keyring_info.py \n\nCVSS 3.1: 5.5 MEDIUM \u2014 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N \n\nIssue: The module retrieves a passphrase from the OS native keyring (GNOME Keyring, macOS Keychain, Windows Credential Manager) and places it directly into result[\"passphrase\"] with no output suppression, no no_log protection, and no documentation warning. \n\nRoot Cause:\n\nLine 105 (protected): keyring_password=dict(type=\"str\", required=True, no_log=True)\nLine 127 (NOT protected): result[\"passphrase\"] = passphrase\n\nObserved Output:\n\n{\n\"changed\": false,\n\"passphrase\": \"MyMasterP@ssw0rd!SSH_Key_Secret\"\n}\nVisible via register + debug:\n{\n\"keyring_result\": {\n\"changed\": false,\n\"passphrase\": \"MyMasterP@ssw0rd!SSH_Key_Secret\"\n}\n}\n\nImpact: \n\nMaster passwords, SSH key passphrases and service credentials appear in all Ansible output \n\nregister: keyring_result followed by debug: var=keyring_result prints passphrase in full \n\nAnsible fact caching backends (Redis, JSON file, memcached) may persist the passphrase \n\nAWX/Tower job logs silently store the live credential\n\nFix:\n\nmodule.exit_json(changed=False, passphrase=passphrase, _ansible_no_log=True)\n\nAlso add a documentation warning requiring callers to use no_log: true at the task level.\n\nPoCs\n\n\nFig 1: PoC execution showing passphrase in plaintext output\n\n\nFig 2: Source code showing no_log=True on input (line 105) vs unprotected output (line 127)",
  "id": "GHSA-5x67-m8gc-wm3p",
  "modified": "2026-06-24T18:32:36Z",
  "published": "2026-06-23T21:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11819"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-11819"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487251"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5X96-J797-5QQW

Vulnerability from github – Published: 2024-04-24 20:02 – Updated: 2024-04-24 20:02
VLAI
Summary
Sensitive Information leak via Log File in Kubernetes
Details

In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. This affects < v1.19.3, < v1.18.10, < v1.17.13.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/kubernetes/kubernetes"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.17.13"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/kubernetes/kubernetes"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.18.0"
            },
            {
              "fixed": "1.18.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/kubernetes/kubernetes"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.19.0"
            },
            {
              "fixed": "1.19.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-8566"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-04-24T20:02:08Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager\u0027s logs during provisioning of Ceph RBD persistent claims. This affects \u003c v1.19.3, \u003c v1.18.10, \u003c v1.17.13.",
  "id": "GHSA-5x96-j797-5qqw",
  "modified": "2024-04-24T20:02:08Z",
  "published": "2024-04-24T20:02:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8566"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kubernetes/kubernetes/issues/95624"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kubernetes/kubernetes/pull/95245"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kubernetes/kubernetes/pull/95245/commits/e91ec4fad3366d2dee020919f7c2a0d7b52fd3ea"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886640"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kubernetes/kubernetes"
    },
    {
      "type": "WEB",
      "url": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk"
    },
    {
      "type": "WEB",
      "url": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20210122-0006"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Sensitive Information leak via Log File in Kubernetes"
}

GHSA-5X9W-W9MF-7M6P

Vulnerability from github – Published: 2022-12-08 18:30 – Updated: 2022-12-10 00:30
VLAI
Details

Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-39897"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-08T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log.",
  "id": "GHSA-5x9w-w9mf-7m6p",
  "modified": "2022-12-10T00:30:17Z",
  "published": "2022-12-08T18:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39897"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=12"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.