CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1739 vulnerabilities reference this CWE, most recent first.
GHSA-82QM-MFM4-GF87
Vulnerability from github – Published: 2022-05-24 16:57 – Updated: 2024-04-04 02:04In the proc filesystem, there is a possible information disclosure due to log information disclosure. This could lead to local disclosure of app and browser activity with User execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-68016944
{
"affected": [],
"aliases": [
"CVE-2019-9277"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-09-27T19:15:00Z",
"severity": "LOW"
},
"details": "In the proc filesystem, there is a possible information disclosure due to log information disclosure. This could lead to local disclosure of app and browser activity with User execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-68016944",
"id": "GHSA-82qm-mfm4-gf87",
"modified": "2024-04-04T02:04:57Z",
"published": "2022-05-24T16:57:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9277"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/android-10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-8429-HRPG-37P6
Vulnerability from github – Published: 2024-06-26 09:37 – Updated: 2024-06-26 09:37Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p7, <2.2.0p28, <2.1.0p45 and <=2.0.0p39 (EOL) causes automation user secrets to be written to audit log files accessible to administrators.
{
"affected": [],
"aliases": [
"CVE-2024-28830"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-26T08:15:09Z",
"severity": "LOW"
},
"details": "Insertion of Sensitive Information into Log File in Checkmk GmbH\u0027s Checkmk versions \u003c2.3.0p7, \u003c2.2.0p28, \u003c2.1.0p45 and \u003c=2.0.0p39 (EOL) causes automation user secrets to be written to audit log files accessible to administrators.",
"id": "GHSA-8429-hrpg-37p6",
"modified": "2024-06-26T09:37:03Z",
"published": "2024-06-26T09:37:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28830"
},
{
"type": "WEB",
"url": "https://checkmk.com/werk/17056"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-8449-7GC2-PWRP
Vulnerability from github – Published: 2022-08-18 00:00 – Updated: 2024-05-20 21:32In HashiCorp Consul Template through version 0.29.1, invalid templates could inadvertently reveal the contents of Vault secret in errors returned by the *template.Template.Execute 5 method, when given a template using Vault secret contents incorrectly. This method has been updated to redact Vault secrets when creating an error string, making it safe to log the error.. This issue was fixed in version 0.29.2.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/hashicorp/consul-template"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.27.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/hashicorp/consul-template"
},
"ranges": [
{
"events": [
{
"introduced": "0.28.0"
},
{
"fixed": "0.28.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/hashicorp/consul-template"
},
"ranges": [
{
"events": [
{
"introduced": "0.29.0"
},
{
"fixed": "0.29.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-38149"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2022-08-30T20:17:03Z",
"nvd_published_at": "2022-08-17T15:15:00Z",
"severity": "HIGH"
},
"details": "In HashiCorp Consul Template through version 0.29.1, invalid templates could inadvertently reveal the contents of Vault secret in errors returned by the `*template.Template.Execute 5` method, when given a template using Vault secret contents incorrectly. This method has been updated to redact Vault secrets when creating an error string, making it safe to log the error.. This issue was fixed in version 0.29.2.",
"id": "GHSA-8449-7gc2-pwrp",
"modified": "2024-05-20T21:32:47Z",
"published": "2022-08-18T00:00:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38149"
},
{
"type": "WEB",
"url": "https://github.com/hashicorp/consul-template/commit/d6a6f4af219c28e67d847ba0e0b2bea8f5bb9076"
},
{
"type": "WEB",
"url": "https://discuss.hashicorp.com/t/hsec-2022-16-consul-template-may-expose-vault-secrets-when-processing-invalid-input/43215"
},
{
"type": "PACKAGE",
"url": "https://github.com/hashicorp/consul"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2022-0980"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "HashiCorp Consul Template could reveal Vault secret contents in error messages"
}
GHSA-85G9-M9J2-HCX2
Vulnerability from github – Published: 2024-12-19 09:30 – Updated: 2024-12-20 18:31Disclosure of sensitive information in HikVision camera driver's log file in XProtect Device Pack allows an attacker to read camera credentials stored in the Recording Server under specific conditions.
{
"affected": [],
"aliases": [
"CVE-2024-12569"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-19T09:16:13Z",
"severity": "MODERATE"
},
"details": "Disclosure of sensitive information in HikVision camera driver\u0027s log file in XProtect Device Pack allows an attacker to read camera credentials stored in the Recording Server under specific conditions.",
"id": "GHSA-85g9-m9j2-hcx2",
"modified": "2024-12-20T18:31:31Z",
"published": "2024-12-19T09:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12569"
},
{
"type": "WEB",
"url": "https://supportcommunity.milestonesys.com/KBRedir?art=000067740\u0026lang=en_US"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-85PR-X7HH-4JW2
Vulnerability from github – Published: 2023-08-23 00:30 – Updated: 2024-04-04 07:09IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 server could allow an authenticated user to view sensitive information from installation logs. IBM X-Force Id: 262293.
{
"affected": [],
"aliases": [
"CVE-2023-38733"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-22T22:15:08Z",
"severity": "MODERATE"
},
"details": "\nIBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 server could allow an authenticated user to view sensitive information from installation logs. IBM X-Force Id: 262293.\n\n",
"id": "GHSA-85pr-x7hh-4jw2",
"modified": "2024-04-04T07:09:26Z",
"published": "2023-08-23T00:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38733"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/262293"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7028223"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-85Q5-VWQG-RM58
Vulnerability from github – Published: 2023-10-10 15:30 – Updated: 2024-04-04 08:29When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created, it is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{
"affected": [],
"aliases": [
"CVE-2023-41253"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-10T13:15:21Z",
"severity": "MODERATE"
},
"details": "\nWhen on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created, it is logged in plaintext in the audit log.\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
"id": "GHSA-85q5-vwqg-rm58",
"modified": "2024-04-04T08:29:01Z",
"published": "2023-10-10T15:30:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41253"
},
{
"type": "WEB",
"url": "https://my.f5.com/manage/s/article/K98334513"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-8624-Q4W7-HV72
Vulnerability from github – Published: 2022-05-24 16:52 – Updated: 2022-12-09 21:30IBM Cloud Private 2.1.0 , 3.1.0, 3.1.1, and 3.1.2 could allow a local privileged user to obtain sensitive OIDC token that is printed to log files, which could be used to log in to the system as another user. IBM X-Force ID: 160512.
{
"affected": [],
"aliases": [
"CVE-2019-4284"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-08-05T14:15:00Z",
"severity": "MODERATE"
},
"details": "IBM Cloud Private 2.1.0 , 3.1.0, 3.1.1, and 3.1.2 could allow a local privileged user to obtain sensitive OIDC token that is printed to log files, which could be used to log in to the system as another user. IBM X-Force ID: 160512.",
"id": "GHSA-8624-q4w7-hv72",
"modified": "2022-12-09T21:30:49Z",
"published": "2022-05-24T16:52:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-4284"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/160512"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10885454"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-865M-F7P5-XC5C
Vulnerability from github – Published: 2022-05-24 17:20 – Updated: 2025-06-05 00:31Philips IntelliBridge Enterprise (IBE), Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns (VS4), EarlyVue (VS30) and IntelliVue Guardian (IGS). Unencrypted user credentials received in the IntelliBridge Enterprise (IBE) are logged within the transaction logs, which are secured behind the login based administrative web portal. The unencrypted user credentials sent from the affected products listed above, for the purpose of handshake or authentication with the Enterprise Systems, are logged as the payload in IntelliBridge Enterprise (IBE) within the transaction logs. An attacker with administrative privileges could exploit this vulnerability to read plain text credentials from log files.
{
"affected": [],
"aliases": [
"CVE-2020-12023"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-06-11T20:15:00Z",
"severity": "LOW"
},
"details": "Philips IntelliBridge Enterprise (IBE), Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns (VS4), EarlyVue (VS30) and IntelliVue Guardian (IGS). Unencrypted user credentials received in the IntelliBridge Enterprise (IBE) are logged within the transaction logs, which are secured behind the login based administrative web portal. The unencrypted user credentials sent from the affected products listed above, for the purpose of handshake or authentication with the Enterprise Systems, are logged as the payload in IntelliBridge Enterprise (IBE) within the transaction logs. An attacker with administrative privileges could exploit this vulnerability to read plain text credentials from log files.",
"id": "GHSA-865m-f7p5-xc5c",
"modified": "2025-06-05T00:31:18Z",
"published": "2022-05-24T17:20:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12023"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-163-01"
},
{
"type": "WEB",
"url": "https://www.philips.com/a-w/security/security-advisories/product-security-2020.html#2020_archive"
},
{
"type": "WEB",
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-163-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-86F2-H28H-R4FM
Vulnerability from github – Published: 2026-07-13 12:35 – Updated: 2026-07-13 12:35Various sensitive information such as passwords and charging card UIDs are written to log files.
{
"affected": [],
"aliases": [
"CVE-2026-22098"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-13T10:16:27Z",
"severity": "CRITICAL"
},
"details": "Various sensitive information such as passwords and charging card UIDs are written to log files.",
"id": "GHSA-86f2-h28h-r4fm",
"modified": "2026-07-13T12:35:01Z",
"published": "2026-07-13T12:35:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22098"
},
{
"type": "WEB",
"url": "https://csirt.divd.nl/DIVD-2026-00001"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-86FP-JR93-HVV2
Vulnerability from github – Published: 2024-12-12 12:31 – Updated: 2024-12-12 12:31An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, where sensitive information passed in GraphQL mutations may have been retained in GraphQL logs.
{
"affected": [],
"aliases": [
"CVE-2024-12292"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-12T12:15:22Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, where sensitive information passed in GraphQL mutations may have been retained in GraphQL logs.",
"id": "GHSA-86fp-jr93-hvv2",
"modified": "2024-12-12T12:31:15Z",
"published": "2024-12-12T12:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12292"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/475211"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.