CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1744 vulnerabilities reference this CWE, most recent first.
GHSA-HJ6W-RHCX-V78H
Vulnerability from github – Published: 2022-06-14 00:00 – Updated: 2022-06-23 00:00Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor.
{
"affected": [],
"aliases": [
"CVE-2022-32193"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-13T21:15:00Z",
"severity": "MODERATE"
},
"details": "Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor.",
"id": "GHSA-hj6w-rhcx-v78h",
"modified": "2022-06-23T00:00:27Z",
"published": "2022-06-14T00:00:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32193"
},
{
"type": "WEB",
"url": "https://docs.couchbase.com/server/current/release-notes/relnotes.html"
},
{
"type": "WEB",
"url": "https://www.couchbase.com/alerts"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HJ72-63WJ-R3WG
Vulnerability from github – Published: 2025-11-26 18:31 – Updated: 2025-11-26 18:31In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the _internal index during the addition of new “Data Security Accounts“. The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See Define roles on the Splunk platform with capabilities in the Splunk documentation for more information.
{
"affected": [],
"aliases": [
"CVE-2025-20373"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-26T18:15:48Z",
"severity": "LOW"
},
"details": "In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the _internal index during the addition of new \u201cData Security Accounts\u201c. The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) in the Splunk documentation for more information.",
"id": "GHSA-hj72-63wj-r3wg",
"modified": "2025-11-26T18:31:04Z",
"published": "2025-11-26T18:31:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20373"
},
{
"type": "WEB",
"url": "https://advisory.splunk.com/advisories/SVD-2025-1105"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HJRC-F5Q3-9MGW
Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2022-05-24 19:20A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as usernames and passwords in log files. A local attacker with access to the log files could use this information to launch further attacks.
{
"affected": [],
"aliases": [
"CVE-2020-10052"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-09T12:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions \u003c V2.12). The affected application writes sensitive data, such as usernames and passwords in log files. A local attacker with access to the log files could use this information to launch further attacks.",
"id": "GHSA-hjrc-f5q3-9mgw",
"modified": "2022-05-24T19:20:11Z",
"published": "2022-05-24T19:20:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10052"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-145157.pdf"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-HMF6-8VMC-33G5
Vulnerability from github – Published: 2025-02-06 15:32 – Updated: 2025-02-06 15:32Vulnerability of improper log information control in the UI framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
{
"affected": [],
"aliases": [
"CVE-2024-57957"
],
"database_specific": {
"cwe_ids": [
"CWE-532",
"CWE-657"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-06T13:15:39Z",
"severity": "MODERATE"
},
"details": "Vulnerability of improper log information control in the UI framework module\nImpact: Successful exploitation of this vulnerability may affect service confidentiality.",
"id": "GHSA-hmf6-8vmc-33g5",
"modified": "2025-02-06T15:32:52Z",
"published": "2025-02-06T15:32:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57957"
},
{
"type": "WEB",
"url": "https://consumer.huawei.com/en/support/bulletin/2025/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HMHR-XF6M-R87C
Vulnerability from github – Published: 2024-03-26 18:32 – Updated: 2024-03-26 18:32Dell Grab for Windows, versions 5.0.4 and below, contains a cleartext storage of sensitive information vulnerability in its appsync module. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure that could be used to access the appsync application with elevated privileges.
{
"affected": [],
"aliases": [
"CVE-2024-25957"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-26T16:15:11Z",
"severity": "MODERATE"
},
"details": "Dell Grab for Windows, versions 5.0.4 and below, contains a cleartext storage of sensitive information vulnerability in its appsync module. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure that could be used to access the appsync application with elevated privileges.",
"id": "GHSA-hmhr-xf6m-r87c",
"modified": "2024-03-26T18:32:05Z",
"published": "2024-03-26T18:32:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25957"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000223508/dsa-2024-121-security-update-for-grab-for-windows-vulnerabilities"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-HMMR-427F-CR3P
Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-08-06 00:00Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific features and for access to log files that contain confidential information. An attacker could exploit these vulnerabilities either by submitting crafted HTTP messages to an affected system and performing unauthorized actions with the privileges of an administrator, or by retrieving sensitive data from the logs and using it to impersonate a legitimate privileged user. A successful exploit could allow the attacker to elevate privileges to Administrator.
{
"affected": [],
"aliases": [
"CVE-2021-1576"
],
"database_specific": {
"cwe_ids": [
"CWE-532",
"CWE-798"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-08T19:15:00Z",
"severity": "MODERATE"
},
"details": "Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation (BPA) could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific features and for access to log files that contain confidential information. An attacker could exploit these vulnerabilities either by submitting crafted HTTP messages to an affected system and performing unauthorized actions with the privileges of an administrator, or by retrieving sensitive data from the logs and using it to impersonate a legitimate privileged user. A successful exploit could allow the attacker to elevate privileges to Administrator.",
"id": "GHSA-hmmr-427f-cr3p",
"modified": "2022-08-06T00:00:49Z",
"published": "2022-05-24T19:07:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1576"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bpa-priv-esc-dgubwbH4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HP6G-348Q-PPQ3
Vulnerability from github – Published: 2026-03-27 15:30 – Updated: 2026-03-27 15:30A flaw has been found in OpenBMB XAgent 1.0.0. The impacted element is the function FunctionHandler.handle_tool_call of the file XAgent/function_handler.py of the component API Key Handler. This manipulation of the argument api_key causes sensitive information in log files. The attack may be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2026-4957"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-27T15:17:03Z",
"severity": "MODERATE"
},
"details": "A flaw has been found in OpenBMB XAgent 1.0.0. The impacted element is the function FunctionHandler.handle_tool_call of the file XAgent/function_handler.py of the component API Key Handler. This manipulation of the argument api_key causes sensitive information in log files. The attack may be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-hp6g-348q-ppq3",
"modified": "2026-03-27T15:30:26Z",
"published": "2026-03-27T15:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4957"
},
{
"type": "WEB",
"url": "https://gist.github.com/YLChen-007/6279f3de0c2dff7732eaaf820843b562"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.353834"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.353834"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.777615"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-HQ52-W3GP-7VW8
Vulnerability from github – Published: 2022-09-10 00:00 – Updated: 2022-09-15 00:00Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via log.
{
"affected": [],
"aliases": [
"CVE-2022-36877"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-09T15:15:00Z",
"severity": "LOW"
},
"details": "Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via log.",
"id": "GHSA-hq52-w3gp-7vw8",
"modified": "2022-09-15T00:00:17Z",
"published": "2022-09-10T00:00:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36877"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=09"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year==2022\u0026month=09"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HQ5F-R2V7-QP3X
Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores potentially sensitive information in log files that could be read by a remote user. IBM X-Force ID: 128617.
{
"affected": [],
"aliases": [
"CVE-2017-1480"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-06-06T17:29:00Z",
"severity": "MODERATE"
},
"details": "IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores potentially sensitive information in log files that could be read by a remote user. IBM X-Force ID: 128617.",
"id": "GHSA-hq5f-r2v7-qp3x",
"modified": "2022-05-13T01:37:07Z",
"published": "2022-05-13T01:37:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1480"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128617"
},
{
"type": "WEB",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22012309"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/104471"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HQ63-XWP9-JMR5
Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2024-04-04 00:28An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy credentials being written to a log file in clear text. This only affects LXCA when HTTP proxy credentials have been configured. This affects LXCA versions 2.0.0 to 2.3.x.
{
"affected": [],
"aliases": [
"CVE-2019-6158"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-05-03T20:29:00Z",
"severity": "MODERATE"
},
"details": "An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy credentials being written to a log file in clear text. This only affects LXCA when HTTP proxy credentials have been configured. This affects LXCA versions 2.0.0 to 2.3.x.",
"id": "GHSA-hq63-xwp9-jmr5",
"modified": "2024-04-04T00:28:36Z",
"published": "2022-05-24T16:45:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6158"
},
{
"type": "WEB",
"url": "https://support.lenovo.com/solutions/LEN-26141"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/108165"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.