CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1738 vulnerabilities reference this CWE, most recent first.
GHSA-5V2Q-HW2Q-3VHQ
Vulnerability from github – Published: 2022-05-13 01:22 – Updated: 2022-05-13 01:22RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users' session information is logged in plain text in the RSA Archer log files. An authenticated malicious local user with access to the log files may obtain the exposed information to use it in further attacks.
{
"affected": [],
"aliases": [
"CVE-2019-3715"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-03-13T21:29:00Z",
"severity": "MODERATE"
},
"details": "RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users\u0027 session information is logged in plain text in the RSA Archer log files. An authenticated malicious local user with access to the log files may obtain the exposed information to use it in further attacks.",
"id": "GHSA-5v2q-hw2q-3vhq",
"modified": "2022-05-13T01:22:27Z",
"published": "2022-05-13T01:22:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3715"
},
{
"type": "WEB",
"url": "https://seclists.org/fulldisclosure/2019/Mar/19"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/107443"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-5V5X-X8HH-7FFJ
Vulnerability from github – Published: 2023-04-04 15:30 – Updated: 2023-04-10 21:30In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file
{
"affected": [],
"aliases": [
"CVE-2022-48435"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-04T14:15:00Z",
"severity": "LOW"
},
"details": "In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file",
"id": "GHSA-5v5x-x8hh-7ffj",
"modified": "2023-04-10T21:30:23Z",
"published": "2023-04-04T15:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48435"
},
{
"type": "WEB",
"url": "https://www.jetbrains.com/privacy-security/issues-fixed"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-5VVG-PVHP-HV2M
Vulnerability from github – Published: 2024-10-24 22:42 – Updated: 2025-01-21 17:58Issue
Snowflake recently learned about and remediated a set of vulnerabilities in the Snowflake Connector for Python. Under specific conditions, certain users credentials (or portions of those credentials) were logged locally by the Connector to the users own systems. The credentials were not logged by Snowflake.
These vulnerabilities affect versions up to and including 3.12.2. Snowflake fixed the issue in version 3.12.3.
Vulnerability Details
When the logging level was set by the user to DEBUG, the Connector could have logged Duo passcodes (when specified via the “passcode” parameter) and Azure SAS tokens. Additionally, the SecretDetector logging formatter, if enabled, contained bugs which caused it to not fully redact JWT tokens and certain private key formats.
Solution
Snowflake released version 3.12.3 of the Snowflake Connector for Python, which fixes these issues. We recommend users upgrade to version 3.12.3 and review their logs for any potentially sensitive information that may have been captured.
Additional Information
If you discover a security vulnerability in one of our products or websites, please report the issue to HackerOne. For more information, please see our Vulnerability Disclosure Policy.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "snowflake-connector-python"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.12.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-49750"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2024-10-24T22:42:26Z",
"nvd_published_at": "2024-10-24T22:15:04Z",
"severity": "MODERATE"
},
"details": "### Issue\nSnowflake recently learned about and remediated a set of vulnerabilities in the Snowflake Connector for Python. Under specific conditions, certain users credentials (or portions of those credentials) were logged locally by the Connector to the users own systems. The credentials were not logged by Snowflake.\n\nThese vulnerabilities affect versions up to and including 3.12.2. Snowflake fixed the issue in version 3.12.3.\n\n### Vulnerability Details\nWhen the logging level was set by the user to DEBUG, the Connector could have logged Duo passcodes (when specified via the \u201cpasscode\u201d parameter) and Azure SAS tokens. Additionally, the [SecretDetector](https://docs.snowflake.com/en/developer-guide/python-connector/python-connector-example#logging) logging formatter, if enabled, contained bugs which caused it to not fully redact JWT tokens and certain private key formats.\n\n### Solution\nSnowflake released version 3.12.3 of the Snowflake Connector for Python, which fixes these issues. We recommend users upgrade to version 3.12.3 and review their logs for any potentially sensitive information that may have been captured.\n\n### Additional Information\nIf you discover a security vulnerability in one of our products or websites, please report the issue to HackerOne. For more information, please see our [Vulnerability Disclosure Policy](https://hackerone.com/snowflake?type=team).",
"id": "GHSA-5vvg-pvhp-hv2m",
"modified": "2025-01-21T17:58:50Z",
"published": "2024-10-24T22:42:26Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-5vvg-pvhp-hv2m"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49750"
},
{
"type": "WEB",
"url": "https://github.com/snowflakedb/snowflake-connector-python/commit/dbc9284a3c0382c131b971b35e8d6ab93c46f37a"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/snowflake-connector-python/PYSEC-2024-191.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/snowflakedb/snowflake-connector-python"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "The Snowflake Connector for Python stores sensitive data in logs"
}
GHSA-5W92-HHCH-JQV7
Vulnerability from github – Published: 2025-01-16 09:30 – Updated: 2025-01-16 09:30In affected versions of the Octopus Kubernetes worker or agent, sensitive variables could be written to the Kubernetes script pod log in clear-text. This was identified in Version 2 however it was determined that this could also be achieved in Version 1 and the fix was applied to both versions accordingly.
{
"affected": [],
"aliases": [
"CVE-2024-12226"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-16T07:15:26Z",
"severity": "MODERATE"
},
"details": "In affected versions of the Octopus Kubernetes worker or agent, sensitive variables could be written to the Kubernetes script pod log in clear-text. This was identified in Version 2 however it was determined that this could also be achieved in Version 1 and the fix was applied to both versions accordingly.",
"id": "GHSA-5w92-hhch-jqv7",
"modified": "2025-01-16T09:30:36Z",
"published": "2025-01-16T09:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12226"
},
{
"type": "WEB",
"url": "https://advisories.octopus.com/post/2024/sa2024-10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-5WMG-9CVH-QW25
Vulnerability from github – Published: 2024-11-05 17:34 – Updated: 2024-11-05 21:37Impact
Refresh tokens are logged to the console when the disabled by default debug flag, is enabled.
Patches
Patched in https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "@workos-inc/authkit-nextjs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.13.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-51752"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2024-11-05T17:34:23Z",
"nvd_published_at": "2024-11-05T20:15:15Z",
"severity": "LOW"
},
"details": "### Impact\nRefresh tokens are logged to the console when the disabled by default `debug` flag, is enabled.\n\n### Patches\nPatched in [https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2](https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2)\n",
"id": "GHSA-5wmg-9cvh-qw25",
"modified": "2024-11-05T21:37:24Z",
"published": "2024-11-05T17:34:23Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/workos/authkit-nextjs/security/advisories/GHSA-5wmg-9cvh-qw25"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51752"
},
{
"type": "WEB",
"url": "https://github.com/workos/authkit-nextjs/commit/15a332632f7560b03cc6d8cc8da24fd2ac931da7"
},
{
"type": "PACKAGE",
"url": "https://github.com/workos/authkit-nextjs"
},
{
"type": "WEB",
"url": "https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "@workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled"
}
GHSA-5WWR-98RP-48M6
Vulnerability from github – Published: 2024-04-23 06:30 – Updated: 2024-04-23 06:30Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator allows local users to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 11.0.1.
{
"affected": [],
"aliases": [
"CVE-2023-6833"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-23T06:15:06Z",
"severity": "MODERATE"
},
"details": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator allows local users to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 11.0.1.\n\n",
"id": "GHSA-5wwr-98rp-48m6",
"modified": "2024-04-23T06:30:47Z",
"published": "2024-04-23T06:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6833"
},
{
"type": "WEB",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-121/index.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-5WXR-W449-57CM
Vulnerability from github – Published: 2026-05-20 15:32 – Updated: 2026-05-20 15:32Impact
This affects only workflows that pin an exact affected Composer semver version through setup-php, for example tools: composer:2.9.7.
Workflows using the default Composer version, composer:v2, or no pinned Composer version are not affected through setup-php, because those Composer URLs have been updated to patched Composer releases for all setup-php versions.
setup-php does not directly print the token. The token may be exposed through Composer when Composer validates github-oauth auth and rejects GitHub's newer hyphen-containing token format.
Public repository logs may expose the token. GitHub-hosted runner GITHUB_TOKEN values expire after the job, but exposure may still matter during the token lifetime and for longer-lived GitHub App or user tokens.
Patches
setup-php 2.37.1 skips generated GitHub OAuth auth for pinned Composer versions affected by Composer GHSA-f9f8-rm49-7jv2 while preserving other Composer auth, including Packagist auth.
Workarounds
Upgrade to setup-php 2.37.1 or newer. You can also avoid the affected path by using a patched Composer version: 2.9.8, 2.2.28, 1.10.28, or newer supported Composer releases.
It is recommended to avoid pinning affected Composer versions such as composer:2.9.7, unless you have automations to do timely updates in your workflows.
{
"affected": [
{
"package": {
"ecosystem": "GitHub Actions",
"name": "shivammathur/setup-php"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.37.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-20T15:32:31Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "### Impact\nThis affects only workflows that pin an exact affected Composer semver version through setup-php, for example `tools: composer:2.9.7`.\n\nWorkflows using the default Composer version, `composer:v2`, or no pinned Composer version are not affected through setup-php, because those Composer URLs have been updated to patched Composer releases for all setup-php versions.\n\nsetup-php does not directly print the token. The token may be exposed through Composer when Composer validates github-oauth auth and rejects GitHub\u0027s newer hyphen-containing token format.\n\nPublic repository logs may expose the token. GitHub-hosted runner GITHUB_TOKEN values expire after the job, but exposure may still matter during the token lifetime and for longer-lived GitHub App or user tokens.\n\n### Patches\nsetup-php 2.37.1 skips generated GitHub OAuth auth for pinned Composer versions affected by Composer GHSA-f9f8-rm49-7jv2 while preserving other Composer auth, including Packagist auth.\n\n### Workarounds\nUpgrade to setup-php `2.37.1` or newer. You can also avoid the affected path by using a patched Composer version: 2.9.8, 2.2.28, 1.10.28, or newer supported Composer releases.\n\nIt is recommended to avoid pinning affected Composer versions such as `composer:2.9.7`, unless you have automations to do timely updates in your workflows.",
"id": "GHSA-5wxr-w449-57cm",
"modified": "2026-05-20T15:32:31Z",
"published": "2026-05-20T15:32:31Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2"
},
{
"type": "WEB",
"url": "https://github.com/shivammathur/setup-php/security/advisories/GHSA-5wxr-w449-57cm"
},
{
"type": "WEB",
"url": "https://github.com/shivammathur/setup-php/commit/7748c243803a56671412f9f7c745769e9573c6d4"
},
{
"type": "PACKAGE",
"url": "https://github.com/shivammathur/setup-php"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Setup PHP: GitHub tokens configured by setup-php may be exposed through pinned affected Composer versions"
}
GHSA-5X67-M8GC-WM3P
Vulnerability from github – Published: 2026-06-23 21:30 – Updated: 2026-06-24 18:32Module: plugins/modules/keyring_info.py
CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Issue: The module retrieves a passphrase from the OS native keyring (GNOME Keyring, macOS Keychain, Windows Credential Manager) and places it directly into result["passphrase"] with no output suppression, no no_log protection, and no documentation warning.
Root Cause:
Line 105 (protected): keyring_password=dict(type="str", required=True, no_log=True) Line 127 (NOT protected): result["passphrase"] = passphrase
Observed Output:
{ "changed": false, "passphrase": "MyMasterP@ssw0rd!SSH_Key_Secret" } Visible via register + debug: { "keyring_result": { "changed": false, "passphrase": "MyMasterP@ssw0rd!SSH_Key_Secret" } }
Impact:
Master passwords, SSH key passphrases and service credentials appear in all Ansible output
register: keyring_result followed by debug: var=keyring_result prints passphrase in full
Ansible fact caching backends (Redis, JSON file, memcached) may persist the passphrase
AWX/Tower job logs silently store the live credential
Fix:
module.exit_json(changed=False, passphrase=passphrase, _ansible_no_log=True)
Also add a documentation warning requiring callers to use no_log: true at the task level.
PoCs
Fig 1: PoC execution showing passphrase in plaintext output
Fig 2: Source code showing no_log=True on input (line 105) vs unprotected output (line 127)
{
"affected": [],
"aliases": [
"CVE-2026-11819"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-23T21:16:54Z",
"severity": "MODERATE"
},
"details": "Module: plugins/modules/keyring_info.py \n\nCVSS 3.1: 5.5 MEDIUM \u2014 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N \n\nIssue: The module retrieves a passphrase from the OS native keyring (GNOME Keyring, macOS Keychain, Windows Credential Manager) and places it directly into result[\"passphrase\"] with no output suppression, no no_log protection, and no documentation warning. \n\nRoot Cause:\n\nLine 105 (protected): keyring_password=dict(type=\"str\", required=True, no_log=True)\nLine 127 (NOT protected): result[\"passphrase\"] = passphrase\n\nObserved Output:\n\n{\n\"changed\": false,\n\"passphrase\": \"MyMasterP@ssw0rd!SSH_Key_Secret\"\n}\nVisible via register + debug:\n{\n\"keyring_result\": {\n\"changed\": false,\n\"passphrase\": \"MyMasterP@ssw0rd!SSH_Key_Secret\"\n}\n}\n\nImpact: \n\nMaster passwords, SSH key passphrases and service credentials appear in all Ansible output \n\nregister: keyring_result followed by debug: var=keyring_result prints passphrase in full \n\nAnsible fact caching backends (Redis, JSON file, memcached) may persist the passphrase \n\nAWX/Tower job logs silently store the live credential\n\nFix:\n\nmodule.exit_json(changed=False, passphrase=passphrase, _ansible_no_log=True)\n\nAlso add a documentation warning requiring callers to use no_log: true at the task level.\n\nPoCs\n\n\nFig 1: PoC execution showing passphrase in plaintext output\n\n\nFig 2: Source code showing no_log=True on input (line 105) vs unprotected output (line 127)",
"id": "GHSA-5x67-m8gc-wm3p",
"modified": "2026-06-24T18:32:36Z",
"published": "2026-06-23T21:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11819"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-11819"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487251"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-5X96-J797-5QQW
Vulnerability from github – Published: 2024-04-24 20:02 – Updated: 2024-04-24 20:02In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. This affects < v1.19.3, < v1.18.10, < v1.17.13.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/kubernetes/kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.17.13"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/kubernetes/kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "1.18.0"
},
{
"fixed": "1.18.10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/kubernetes/kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "1.19.0"
},
{
"fixed": "1.19.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-8566"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-24T20:02:08Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager\u0027s logs during provisioning of Ceph RBD persistent claims. This affects \u003c v1.19.3, \u003c v1.18.10, \u003c v1.17.13.",
"id": "GHSA-5x96-j797-5qqw",
"modified": "2024-04-24T20:02:08Z",
"published": "2024-04-24T20:02:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8566"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/issues/95624"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/pull/95245"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/pull/95245/commits/e91ec4fad3366d2dee020919f7c2a0d7b52fd3ea"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886640"
},
{
"type": "PACKAGE",
"url": "https://github.com/kubernetes/kubernetes"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210122-0006"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Sensitive Information leak via Log File in Kubernetes"
}
GHSA-5X9W-W9MF-7M6P
Vulnerability from github – Published: 2022-12-08 18:30 – Updated: 2022-12-10 00:30Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log.
{
"affected": [],
"aliases": [
"CVE-2022-39897"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-08T16:15:00Z",
"severity": "MODERATE"
},
"details": "Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log.",
"id": "GHSA-5x9w-w9mf-7m6p",
"modified": "2022-12-10T00:30:17Z",
"published": "2022-12-08T18:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39897"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=12"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.