CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1744 vulnerabilities reference this CWE, most recent first.
GHSA-M2H6-JXJ8-4JQF
Vulnerability from github – Published: 2021-05-17 21:25 – Updated: 2021-12-20 17:46OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an operator by a privileged user.
{
"affected": [],
"aliases": [
"CVE-2019-10213"
],
"database_specific": {
"cwe_ids": [
"CWE-117",
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-11-25T15:15:00Z",
"severity": "MODERATE"
},
"details": "OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an operator by a privileged user.",
"id": "GHSA-m2h6-jxj8-4jqf",
"modified": "2021-12-20T17:46:09Z",
"published": "2021-05-17T21:25:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10213"
},
{
"type": "WEB",
"url": "https://github.com/openshift/library-go/pull/244"
},
{
"type": "WEB",
"url": "https://github.com/openshift/library-go/pull/472"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:4082"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:4088"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1734615"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10213"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:R",
"type": "CVSS_V3"
}
],
"summary": "Sensitive Data Exposure in Openshift Container Platform"
}
GHSA-M2V4-55F4-Q786
Vulnerability from github – Published: 2022-05-14 03:24 – Updated: 2022-05-14 03:24An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information.
{
"affected": [],
"aliases": [
"CVE-2018-8719"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-04-04T19:29:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information.",
"id": "GHSA-m2v4-55f4-q786",
"modified": "2022-05-14T03:24:11Z",
"published": "2022-05-14T03:24:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8719"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/44371"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M2W4-66R4-V852
Vulnerability from github – Published: 2023-11-14 21:31 – Updated: 2023-11-14 21:31Insertion of sensitive information into log file for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.
{
"affected": [],
"aliases": [
"CVE-2022-46647"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-14T19:15:15Z",
"severity": "LOW"
},
"details": "Insertion of sensitive information into log file for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.",
"id": "GHSA-m2w4-66r4-v852",
"modified": "2023-11-14T21:31:00Z",
"published": "2023-11-14T21:31:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46647"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M346-F556-RXQP
Vulnerability from github – Published: 2024-05-14 18:30 – Updated: 2026-04-28 21:35Insertion of Sensitive Information into Log File vulnerability in AlexaCRM Dynamics 365 Integration.This issue affects Dynamics 365 Integration: from n/a through 1.3.17.
{
"affected": [],
"aliases": [
"CVE-2024-34550"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-14T15:39:21Z",
"severity": "MODERATE"
},
"details": "Insertion of Sensitive Information into Log File vulnerability in AlexaCRM Dynamics 365 Integration.This issue affects Dynamics 365 Integration: from n/a through 1.3.17.",
"id": "GHSA-m346-f556-rxqp",
"modified": "2026-04-28T21:35:10Z",
"published": "2024-05-14T18:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34550"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/vulnerability/integration-dynamics/wordpress-dynamics-365-integration-plugin-1-3-17-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M385-J8WW-M9FH
Vulnerability from github – Published: 2025-11-19 09:30 – Updated: 2025-12-02 21:31Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.2.0 before 5.2.12.
{
"affected": [],
"aliases": [
"CVE-2025-11446"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-19T09:15:48Z",
"severity": "HIGH"
},
"details": "Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.2.0 before 5.2.12.",
"id": "GHSA-m385-j8ww-m9fh",
"modified": "2025-12-02T21:31:27Z",
"published": "2025-11-19T09:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11446"
},
{
"type": "WEB",
"url": "https://support.upkeeper.se/hc/en-us/articles/23693858370076-CVE-2025-11446-Insertion-of-Sensitive-Information-into-Log-File"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-M3J8-P665-6QC9
Vulnerability from github – Published: 2022-05-24 17:45 – Updated: 2022-05-24 17:45A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to the level of an Administrator user (level 15) on an affected device. The vulnerability is due to insufficient protection of sensitive information. An attacker with low privileges could exploit this vulnerability by issuing the diagnostic CLI show pnp profile when a specific PnP listener is enabled on the device. A successful exploit could allow the attacker to obtain a privileged authentication token. This token can be used to send crafted PnP messages and execute privileged commands on the targeted system.
{
"affected": [],
"aliases": [
"CVE-2021-1442"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-03-24T20:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to the level of an Administrator user (level 15) on an affected device. The vulnerability is due to insufficient protection of sensitive information. An attacker with low privileges could exploit this vulnerability by issuing the diagnostic CLI show pnp profile when a specific PnP listener is enabled on the device. A successful exploit could allow the attacker to obtain a privileged authentication token. This token can be used to send crafted PnP messages and execute privileged commands on the targeted system.",
"id": "GHSA-m3j8-p665-6qc9",
"modified": "2022-05-24T17:45:15Z",
"published": "2022-05-24T17:45:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1442"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-pnp-priv-esc-AmG3kuVL"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-M4GJ-655Q-GVM8
Vulnerability from github – Published: 2026-03-11 18:30 – Updated: 2026-03-11 18:30In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7, 10.1.2507.17, 10.0.2503.12, and 9.3.2411.124, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve sensitive information by inspecting the job's search log due to improper access control in the MongoClient logging channel.
{
"affected": [],
"aliases": [
"CVE-2026-20165"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-11T17:16:56Z",
"severity": "MODERATE"
},
"details": "In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7, 10.1.2507.17, 10.0.2503.12, and 9.3.2411.124, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could retrieve sensitive information by inspecting the job\u0027s search log due to improper access control in the MongoClient logging channel.",
"id": "GHSA-m4gj-655q-gvm8",
"modified": "2026-03-11T18:30:33Z",
"published": "2026-03-11T18:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20165"
},
{
"type": "WEB",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0304"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-M4GQ-FM9H-8Q75
Vulnerability from github – Published: 2025-03-17 21:27 – Updated: 2025-03-17 21:51Impact
Some cache backends allow configuring their credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. If this was done by the user, these secure values could be captured together with OpenTelemetry trace as part of the arguments and flags for the traced CLI command. Passing tokens to Github cache backend via environment variables or using registry authentication is not affected.
If you passed a token value like this and use a custom OpenTelemetry collector for computing traces you should make sure that your traces are kept secure. OpenTelemetry traces are also saved in BuildKit daemon's history records.
Patches
Issue has been fixed in Buildx v0.21.3 or newer.
Workarounds
Avoid passing cache backend credentials with CLI arguments. Make sure access to traces and BuildKit history records is kept secure.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.21.2"
},
"package": {
"ecosystem": "Go",
"name": "github.com/docker/buildx"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.21.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-0495"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2025-03-17T21:27:43Z",
"nvd_published_at": "2025-03-17T20:15:13Z",
"severity": "MODERATE"
},
"details": "### Impact\nSome cache backends allow configuring their credentials by setting secrets directly as attribute values in `cache-to/cache-from` configuration. If this was done by the user, these secure values could be captured together with OpenTelemetry trace as part of the arguments and flags for the traced CLI command. Passing tokens to Github cache backend via environment variables or using registry authentication is not affected.\n\nIf you passed a token value like this and use a custom OpenTelemetry collector for computing traces you should make sure that your traces are kept secure. OpenTelemetry traces are also saved in BuildKit daemon\u0027s history records.\n\n### Patches\nIssue has been fixed in Buildx v0.21.3 or newer.\n\n### Workarounds\nAvoid passing cache backend credentials with CLI arguments. Make sure access to traces and BuildKit history records is kept secure.",
"id": "GHSA-m4gq-fm9h-8q75",
"modified": "2025-03-17T21:51:49Z",
"published": "2025-03-17T21:27:43Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/docker/buildx/security/advisories/GHSA-m4gq-fm9h-8q75"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0495"
},
{
"type": "WEB",
"url": "https://github.com/docker/buildx/commit/18ccba072076ddbfb0aeedd6746d7719b0729b58"
},
{
"type": "PACKAGE",
"url": "https://github.com/docker/buildx"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "buildx allows a possible credential leakage to telemetry endpoint"
}
GHSA-M53V-6G22-QCV6
Vulnerability from github – Published: 2024-03-26 18:32 – Updated: 2026-04-28 21:34Insertion of Sensitive Information into Log File vulnerability in GSheetConnector CF7 Google Sheets Connector.This issue affects CF7 Google Sheets Connector: from n/a through 5.0.5.
{
"affected": [],
"aliases": [
"CVE-2023-44989"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-26T18:15:08Z",
"severity": "HIGH"
},
"details": "Insertion of Sensitive Information into Log File vulnerability in GSheetConnector CF7 Google Sheets Connector.This issue affects CF7 Google Sheets Connector: from n/a through 5.0.5.",
"id": "GHSA-m53v-6g22-qcv6",
"modified": "2026-04-28T21:34:14Z",
"published": "2024-03-26T18:32:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44989"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/vulnerability/cf7-google-sheets-connector/wordpress-cf7-google-sheets-connector-plugin-5-0-5-sensitive-data-exposure-via-debug-log-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M557-PCMQ-5JWW
Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
{
"affected": [],
"aliases": [
"CVE-2026-50316"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T17:16:59Z",
"severity": "MODERATE"
},
"details": "Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.",
"id": "GHSA-m557-pcmq-5jww",
"modified": "2026-07-14T18:32:04Z",
"published": "2026-07-14T18:32:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50316"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50316"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.