Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1744 vulnerabilities reference this CWE, most recent first.

GHSA-JVH2-79V2-QM48

Vulnerability from github – Published: 2025-07-08 15:32 – Updated: 2025-07-08 15:32
VLAI
Details

Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-5463"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-08T15:15:32Z",
    "severity": "MODERATE"
  },
  "details": "Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information.",
  "id": "GHSA-jvh2-79v2-qm48",
  "modified": "2025-07-08T15:32:04Z",
  "published": "2025-07-08T15:32:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5463"
    },
    {
      "type": "WEB",
      "url": "https://forums.ivanti.com/s/article/July-Security-Advisory-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Multiple-CVEs"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JVMQ-F3VH-7H27

Vulnerability from github – Published: 2022-05-13 01:34 – Updated: 2022-05-13 01:34
VLAI
Details

Pivotal Container Service, versions prior to 1.2.0, contains an information disclosure vulnerability which exposes IaaS credentials to application logs. A malicious user with access to application logs may be able to obtain IaaS credentials and perform actions using these credentials.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-15763"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-10-05T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "Pivotal Container Service, versions prior to 1.2.0, contains an information disclosure vulnerability which exposes IaaS credentials to application logs. A malicious user with access to application logs may be able to obtain IaaS credentials and perform actions using these credentials.",
  "id": "GHSA-jvmq-f3vh-7h27",
  "modified": "2022-05-13T01:34:07Z",
  "published": "2022-05-13T01:34:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15763"
    },
    {
      "type": "WEB",
      "url": "https://pivotal.io/security/cve-2018-15763"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JW2V-66VP-9X24

Vulnerability from github – Published: 2022-01-18 00:00 – Updated: 2022-01-25 00:02
VLAI
Details

In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22703"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-17T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer.",
  "id": "GHSA-jw2v-66vp-9x24",
  "modified": "2022-01-25T00:02:40Z",
  "published": "2022-01-18T00:00:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22703"
    },
    {
      "type": "WEB",
      "url": "https://advisories.stormshield.eu/2022-001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-JW3V-5CH2-WFMM

Vulnerability from github – Published: 2022-02-15 01:38 – Updated: 2023-07-13 22:11
VLAI
Summary
Wildfly logs plaintext passwords
Details

A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.wildfly:wildfly-parent"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "21.0.0.Final"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-25640"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-209",
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-13T22:11:44Z",
    "nvd_published_at": "2020-11-24T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.",
  "id": "GHSA-jw3v-5ch2-wfmm",
  "modified": "2023-07-13T22:11:44Z",
  "published": "2022-02-15T01:38:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25640"
    },
    {
      "type": "WEB",
      "url": "https://github.com/amqphub/amqp-10-resource-adapter/issues/13"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881637"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20201210-0001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Wildfly logs plaintext passwords"
}

GHSA-JW6C-WQ8M-H8G9

Vulnerability from github – Published: 2024-04-19 06:30 – Updated: 2025-02-04 18:30
VLAI
Details

When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-29957"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-19T04:15:09Z",
    "severity": "HIGH"
  },
  "details": "When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key.",
  "id": "GHSA-jw6c-wq8m-h8g9",
  "modified": "2025-02-04T18:30:44Z",
  "published": "2024-04-19T06:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29957"
    },
    {
      "type": "WEB",
      "url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/23241"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JWCC-J78W-J73W

Vulnerability from github – Published: 2018-10-10 17:23 – Updated: 2024-11-18 16:26
VLAI
Summary
Ansible exposes sensitive data in log files and on the terminal
Details

Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0a1"
            },
            {
              "fixed": "2.5.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0.0"
            },
            {
              "fixed": "2.4.5.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-10855"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:44:13Z",
    "nvd_published_at": "2018-07-03T01:29:00Z",
    "severity": "HIGH"
  },
  "details": "Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.",
  "id": "GHSA-jwcc-j78w-j73w",
  "modified": "2024-11-18T16:26:08Z",
  "published": "2018-10-10T17:23:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10855"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHBA-2018:3788"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:1948"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:1949"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2022"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2079"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2184"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2585"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:0054"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10855"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-jwcc-j78w-j73w"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ansible/ansible"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-42.yaml"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4072-1"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2019/dsa-4396"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Ansible exposes sensitive data in log files and on the terminal"
}

GHSA-JWGX-9MMH-684W

Vulnerability from github – Published: 2019-06-13 20:02 – Updated: 2022-02-11 21:13
VLAI
Summary
Credential exposure through log files in Undertow
Details

A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.undertow:undertow-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-3888"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2019-06-13T20:02:23Z",
    "nvd_published_at": "2019-06-12T14:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)",
  "id": "GHSA-jwgx-9mmh-684w",
  "modified": "2022-02-11T21:13:16Z",
  "published": "2019-06-13T20:02:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2439"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:2998"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0727"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3888"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220210-0019"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108739"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Credential exposure through log files in Undertow"
}

GHSA-JX2R-9QHF-J88M

Vulnerability from github – Published: 2022-05-17 05:08 – Updated: 2026-06-02 21:30
VLAI
Details

The web server on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 allows remote attackers to obtain sensitive configuration and status information by reading log files.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2013-4733"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-06-30T19:28:00Z",
    "severity": "HIGH"
  },
  "details": "The web server on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 allows remote attackers to obtain sensitive configuration and status information by reading log files.",
  "id": "GHSA-jx2r-9qhf-j88m",
  "modified": "2026-06-02T21:30:24Z",
  "published": "2022-05-17T05:08:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4733"
    },
    {
      "type": "WEB",
      "url": "http://www.digitalalertsystems.com/pdf/130604-Monroe-Security-PR.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/662676"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/AAMN-98MU7H"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/AAMN-98MUK2"
    },
    {
      "type": "WEB",
      "url": "http://www.monroe-electronics.com/MONROE_ELECTRONICS_PDF/130604-Monroe-Security-PR.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JX64-R67P-6V8C

Vulnerability from github – Published: 2025-02-14 06:30 – Updated: 2025-08-26 21:31
VLAI
Details

Under certain error conditions at time of SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords used by Brocade SANnav.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-1053"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1295",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-14T04:15:08Z",
    "severity": "HIGH"
  },
  "details": "Under certain error conditions at time of SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave.  An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords used by Brocade SANnav.",
  "id": "GHSA-jx64-r67p-6v8c",
  "modified": "2025-08-26T21:31:06Z",
  "published": "2025-02-14T06:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1053"
    },
    {
      "type": "WEB",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25399"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-M26Q-9XVW-WXFG

Vulnerability from github – Published: 2022-05-24 17:03 – Updated: 2023-01-24 21:30
VLAI
Details

CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/[USERNAME]/tmp/session/sess_xxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to gain access to the victim's password (for the OS and phpMyAdmin) via an attacker account. This is different from CVE-2019-14782.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-15235"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-12-17T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.864 allows an attacker to get a victim\u0027s session file name from /home/[USERNAME]/tmp/session/sess_xxxxxx, and the victim\u0027s token value from /usr/local/cwpsrv/logs/access_log, then use them to gain access to the victim\u0027s password (for the OS and phpMyAdmin) via an attacker account. This is different from CVE-2019-14782.",
  "id": "GHSA-m26q-9xvw-wxfg",
  "modified": "2023-01-24T21:30:34Z",
  "published": "2022-05-24T17:03:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15235"
    },
    {
      "type": "WEB",
      "url": "https://centos-webpanel.com/changelog-cwp7"
    },
    {
      "type": "WEB",
      "url": "https://packetstormsecurity.com/files/155676/Control-Web-Panel-0.9.8.864-phpMyAdmin-Password-Disclosure.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.