Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1739 vulnerabilities reference this CWE, most recent first.

GHSA-6WQG-77WV-92MV

Vulnerability from github – Published: 2025-04-25 15:31 – Updated: 2025-04-25 15:31
VLAI
Details

In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-46432"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-25T15:15:40Z",
    "severity": "MODERATE"
  },
  "details": "In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs",
  "id": "GHSA-6wqg-77wv-92mv",
  "modified": "2025-04-25T15:31:24Z",
  "published": "2025-04-25T15:31:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46432"
    },
    {
      "type": "WEB",
      "url": "https://www.jetbrains.com/privacy-security/issues-fixed"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6WQX-XQGF-X98M

Vulnerability from github – Published: 2025-07-22 06:30 – Updated: 2025-07-22 06:30
VLAI
Details

Insertion of sensitive information into log file issue exists in "region PAY" App for Android prior to 1.5.28. If exploited, sensitive user information may be exposed to an attacker who has access to the application logs.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-52580"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-22T05:15:40Z",
    "severity": "LOW"
  },
  "details": "Insertion of sensitive information into log file issue exists in \"region PAY\" App for Android prior to 1.5.28. If exploited, sensitive user information may be exposed to an attacker who has access to the application logs.",
  "id": "GHSA-6wqx-xqgf-x98m",
  "modified": "2025-07-22T06:30:32Z",
  "published": "2025-07-22T06:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52580"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/jp/JVN07825095"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6X3F-MGRR-9XVM

Vulnerability from github – Published: 2023-12-13 09:30 – Updated: 2023-12-13 09:30
VLAI
Details

An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error. Elastic has released Kibana 8.11.1 which resolves this issue. The error message recorded in the log may contain account credentials for the kibana_system user, API Keys, and credentials of Kibana end-users. The issue occurs infrequently, only if an error is returned from an Elasticsearch cluster, in cases where there is user interaction and an unhealthy cluster (for example, when returning circuit breaker or no shard exceptions).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-46671"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-13T07:15:22Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error. Elastic has released Kibana 8.11.1 which resolves this issue. The error message recorded in the log may contain account credentials for the kibana_system user, API Keys, and credentials of Kibana end-users. The issue occurs infrequently, only if an error is returned from an Elasticsearch cluster, in cases where there is user interaction and an unhealthy cluster (for example, when returning circuit breaker or no shard exceptions).\n",
  "id": "GHSA-6x3f-mgrr-9xvm",
  "modified": "2023-12-13T09:30:32Z",
  "published": "2023-12-13T09:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46671"
    },
    {
      "type": "WEB",
      "url": "https://discuss.elastic.co/t/8-11-1-7-17-15-security-update-esa-2023-25/347149"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6X8H-8VVC-4XX3

Vulnerability from github – Published: 2022-05-24 17:07 – Updated: 2024-04-04 02:47
VLAI
Summary
TODO DODO
Details

In Unisys Stealth (core) 3.4.108.0, 3.4.209.x, 4.0.027.x and 4.0.114, key material may be inadvertently logged if certain diagnostics are enabled.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-18193"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-02-03T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "In Unisys Stealth (core) 3.4.108.0, 3.4.209.x, 4.0.027.x and 4.0.114, key material may be inadvertently logged if certain diagnostics are enabled.",
  "id": "GHSA-6x8h-8vvc-4xx3",
  "modified": "2024-04-04T02:47:25Z",
  "published": "2022-05-24T17:07:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18193"
    },
    {
      "type": "WEB",
      "url": "https://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=52"
    },
    {
      "type": "WEB",
      "url": "https://www.unisys.com/offerings/security-solutions/unisys-stealth-products-and-services"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "TODO DODO"
}

GHSA-724P-F36C-7PRX

Vulnerability from github – Published: 2022-05-24 16:56 – Updated: 2024-04-04 02:00
VLAI
Details

BIG-IP APM Edge Client before version 7.1.8 (7180.2019.508.705) logs the full apm session ID in the log files. Vulnerable versions of the client are bundled with BIG-IP APM versions 15.0.0-15.0.1, 14,1.0-14.1.0.6, 14.0.0-14.0.0.4, 13.0.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5. In BIG-IP APM 13.1.0 and later, the APM Clients components can be updated independently from BIG-IP software. Client version 7.1.8 (7180.2019.508.705) and later has the fix.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-6656"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-25T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "BIG-IP APM Edge Client before version 7.1.8 (7180.2019.508.705) logs the full apm session ID in the log files. Vulnerable versions of the client are bundled with BIG-IP APM versions 15.0.0-15.0.1, 14,1.0-14.1.0.6, 14.0.0-14.0.0.4, 13.0.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5. In BIG-IP APM 13.1.0 and later, the APM Clients components can be updated independently from BIG-IP software. Client version 7.1.8 (7180.2019.508.705) and later has the fix.",
  "id": "GHSA-724p-f36c-7prx",
  "modified": "2024-04-04T02:00:23Z",
  "published": "2022-05-24T16:56:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6656"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K23876153"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K23876153?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-73JX-2VF6-7FFJ

Vulnerability from github – Published: 2022-08-06 00:00 – Updated: 2022-08-12 00:01
VLAI
Details

This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vulnerability is that the CVP user login passwords might be leaked to other authenticated users.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-29071"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-05T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vulnerability is that the CVP user login passwords might be leaked to other authenticated users.",
  "id": "GHSA-73jx-2vf6-7ffj",
  "modified": "2022-08-12T00:01:19Z",
  "published": "2022-08-06T00:00:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29071"
    },
    {
      "type": "WEB",
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/15865-security-advisory-0079"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-73Q4-CGH7-2R7W

Vulnerability from github – Published: 2024-08-01 03:30 – Updated: 2024-08-01 03:30
VLAI
Details

The CTT Expresso para WooCommerce plugin for WordPress is vulnerable to sensitive information exposure in all versions up to and including 3.2.12 via the /wp-content/uploads/cepw directory. The generated .pdf and log files are publicly accessible and contain sensitive information such as sender and receiver names, phone numbers, physical addresses, and email addresses

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-6687"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-01T02:15:02Z",
    "severity": "MODERATE"
  },
  "details": "The CTT Expresso para WooCommerce plugin for WordPress is vulnerable to sensitive information exposure in all versions up to and including 3.2.12 via the /wp-content/uploads/cepw directory. The generated .pdf and log files are publicly accessible and contain sensitive information such as sender and receiver names, phone numbers, physical addresses, and email addresses",
  "id": "GHSA-73q4-cgh7-2r7w",
  "modified": "2024-08-01T03:30:46Z",
  "published": "2024-08-01T03:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6687"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3127496%40ctt-expresso-para-woocommerce\u0026new=3127496%40ctt-expresso-para-woocommerce\u0026sfp_email=\u0026sfph_mail=#file25"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/13088645-8233-40fb-8755-cbdf44c0eaf7?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75G9-XG49-WC86

Vulnerability from github – Published: 2022-06-08 00:00 – Updated: 2022-06-14 00:00
VLAI
Details

Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permissio to get sim card information through device log.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-30742"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-07T19:15:00Z",
    "severity": "LOW"
  },
  "details": "Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permissio to get sim card information through device log.",
  "id": "GHSA-75g9-xg49-wc86",
  "modified": "2022-06-14T00:00:23Z",
  "published": "2022-06-08T00:00:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30742"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75JW-X33V-6VGM

Vulnerability from github – Published: 2022-05-24 16:44 – Updated: 2024-04-04 00:05
VLAI
Details

aquaverde Aquarius CMS through 4.3.5 writes POST and GET parameters (including passwords) to a log file because of incorrect if/else usage in the Log-File writer component.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-9734"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-04-24T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "aquaverde Aquarius CMS through 4.3.5 writes POST and GET parameters (including passwords) to a log file because of incorrect if/else usage in the Log-File writer component.",
  "id": "GHSA-75jw-x33v-6vgm",
  "modified": "2024-04-04T00:05:21Z",
  "published": "2022-05-24T16:44:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9734"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aquaverde/aquarius-core/commit/d1dfa5b8280388a0b6f2f341f0681522dbea03b0"
    },
    {
      "type": "WEB",
      "url": "https://www.tryption.ch/2019/04/19/cve-2019-9734-password-leakage-im-aquarius-cms"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-75RX-C73C-98Q9

Vulnerability from github – Published: 2024-04-12 18:33 – Updated: 2024-04-12 18:33
VLAI
Details

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files. IBM X-Force ID: 279979.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-22339"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-12T17:17:21Z",
    "severity": "MODERATE"
  },
  "details": "IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy  8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files.  IBM X-Force ID:  279979.",
  "id": "GHSA-75rx-c73c-98q9",
  "modified": "2024-04-12T18:33:27Z",
  "published": "2024-04-12T18:33:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22339"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279979"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7148113"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.