CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1743 vulnerabilities reference this CWE, most recent first.
GHSA-MJJG-JGRJ-9453
Vulnerability from github – Published: 2025-02-11 21:32 – Updated: 2025-02-13 18:32A security issue in Sitevision version 10.3.1 and older allows a remote attacker, in certain (non-default) scenarios, to gain access to the private keys used for signing SAML Authn requests. The underlying issue is a Java keystore that may become accessible and downloadable via WebDAV. This keystore is protected with a low-complexity, auto-generated password.
{
"affected": [],
"aliases": [
"CVE-2022-35202"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-11T19:15:10Z",
"severity": "MODERATE"
},
"details": "A security issue in Sitevision version 10.3.1 and older allows a remote attacker, in certain (non-default) scenarios, to gain access to the private keys used for signing SAML Authn requests. The underlying issue is a Java keystore that may become accessible and downloadable via WebDAV. This keystore is protected with a low-complexity, auto-generated password.",
"id": "GHSA-mjjg-jgrj-9453",
"modified": "2025-02-13T18:32:31Z",
"published": "2025-02-11T21:32:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35202"
},
{
"type": "WEB",
"url": "https://developer.sitevision.se/archives/release-notes/release-notes/2022-05-06-release-notes-sitevision-10.3"
},
{
"type": "WEB",
"url": "https://www.shelltrail.com/research/how-auto-generated-passwords-in-sitevision-leads-to-signing-key-leakage-cve-2022-35202"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MJR4-9RV8-9G3F
Vulnerability from github – Published: 2022-05-13 01:34 – Updated: 2022-05-13 01:34Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sensitive information, caused by the storing of unencrypted data in logs. An attacker could exploit this vulnerability to obtain two API keys, a token and other sensitive information.
{
"affected": [],
"aliases": [
"CVE-2018-17499"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-03-21T16:00:00Z",
"severity": "MODERATE"
},
"details": "Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sensitive information, caused by the storing of unencrypted data in logs. An attacker could exploit this vulnerability to obtain two API keys, a token and other sensitive information.",
"id": "GHSA-mjr4-9rv8-9g3f",
"modified": "2022-05-13T01:34:02Z",
"published": "2022-05-13T01:34:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17499"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/149659"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MJV9-VP6W-3RC9
Vulnerability from github – Published: 2023-04-26 16:01 – Updated: 2026-04-06 17:17The aws_sigv4::SigningParams struct had a derived Debug implementation. When debug-formatted, it would include a user's AWS access key, AWS secret key, and security token in plaintext. When TRACE-level logging is enabled for an SDK, SigningParams is printed, thereby revealing those credentials to anyone with access to logs.
Impact
All users of the AWS SDK for Rust who enabled TRACE-level logging, either globally (e.g. RUST_LOG=trace), or for the aws-sigv4 crate specifically.
Patches
- Versions >=
0.55.1 0.54.20.53.20.52.10.51.10.50.10.49.10.48.10.47.10.46.10.15.10.14.10.13.10.12.10.11.10.10.20.9.10.8.10.7.10.6.10.5.30.3.10.2.1
Workarounds
Disable TRACE-level logging for AWS Rust SDK crates.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.55.0"
},
{
"fixed": "0.55.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.55.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.54.1"
},
{
"fixed": "0.54.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.54.1"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.53.1"
},
{
"fixed": "0.53.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.53.1"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.52.0"
},
{
"fixed": "0.52.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.52.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.51.0"
},
{
"fixed": "0.51.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.51.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.49.0"
},
{
"fixed": "0.49.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.49.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.48.0"
},
{
"fixed": "0.48.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.48.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.47.0"
},
{
"fixed": "0.47.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.47.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.46.0"
},
{
"fixed": "0.46.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.46.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.15.0"
},
{
"fixed": "0.15.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.15.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.14.0"
},
{
"fixed": "0.14.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.14.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.13.0"
},
{
"fixed": "0.13.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.13.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.12.0"
},
{
"fixed": "0.12.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.12.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.11.0"
},
{
"fixed": "0.11.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.11.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.10.1"
},
{
"fixed": "0.10.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.10.1"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.9.0"
},
{
"fixed": "0.9.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.9.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.8.0"
},
{
"fixed": "0.8.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.8.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.7.0"
},
{
"fixed": "0.7.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.7.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.6.0"
},
{
"fixed": "0.6.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.6.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.5.2"
},
{
"fixed": "0.5.3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.5.2"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.4.1"
},
{
"fixed": "0.4.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.4.1"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.3.0"
},
{
"fixed": "0.3.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.3.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "aws-sigv4"
},
"ranges": [
{
"events": [
{
"introduced": "0.2.0"
},
{
"fixed": "0.2.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.2.0"
]
}
],
"aliases": [
"CVE-2023-30610"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2023-04-26T16:01:10Z",
"nvd_published_at": "2023-04-19T18:15:07Z",
"severity": "MODERATE"
},
"details": "The `aws_sigv4::SigningParams` struct had a derived `Debug` implementation. When debug-formatted, it would include a user\u0027s AWS access key, AWS secret key, and security token in plaintext. When TRACE-level logging is enabled for an SDK, `SigningParams` is printed, thereby revealing those credentials to anyone with access to logs.\n\n### Impact\nAll users of the AWS SDK for Rust who enabled TRACE-level logging, either globally (e.g. `RUST_LOG=trace`), or for the `aws-sigv4` crate specifically.\n\n### Patches\n- Versions \u003e= `0.55.1`\n- `0.54.2`\n- `0.53.2`\n- `0.52.1`\n- `0.51.1`\n- `0.50.1`\n- `0.49.1`\n- `0.48.1`\n- `0.47.1`\n- `0.46.1`\n- `0.15.1`\n- `0.14.1`\n- `0.13.1`\n- `0.12.1`\n- `0.11.1`\n- `0.10.2`\n- `0.9.1`\n- `0.8.1`\n- `0.7.1`\n- `0.6.1`\n- `0.5.3`\n- `0.3.1`\n- `0.2.1`\n\n### Workarounds\nDisable TRACE-level logging for AWS Rust SDK crates.",
"id": "GHSA-mjv9-vp6w-3rc9",
"modified": "2026-04-06T17:17:04Z",
"published": "2023-04-26T16:01:10Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/awslabs/aws-sdk-rust/security/advisories/GHSA-mjv9-vp6w-3rc9"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30610"
},
{
"type": "PACKAGE",
"url": "https://github.com/awslabs/aws-sdk-rust"
},
{
"type": "WEB",
"url": "https://rustsec.org/advisories/RUSTSEC-2023-0125.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "AWS SDK for Rust will log AWS credentials when TRACE-level logging is enabled for request sending"
}
GHSA-MMC8-8J7M-RCWJ
Vulnerability from github – Published: 2025-09-12 18:31 – Updated: 2025-09-12 18:31A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in exposure of user credentials in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these credentials are exposed to recipients of the application logs.
{
"affected": [],
"aliases": [
"CVE-2025-4234"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-12T18:15:34Z",
"severity": "LOW"
},
"details": "A problem with the Palo Alto Networks Cortex XDR Microsoft 365 Defender Pack can result in exposure of user credentials in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting purposes. This means that these credentials are exposed to recipients of the application logs.",
"id": "GHSA-mmc8-8j7m-rcwj",
"modified": "2025-09-12T18:31:10Z",
"published": "2025-09-12T18:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4234"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2025-4234"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber",
"type": "CVSS_V4"
}
]
}
GHSA-MMW4-F58V-GJ6M
Vulnerability from github – Published: 2025-01-14 18:32 – Updated: 2025-01-14 18:32Windows Kernel Memory Information Disclosure Vulnerability
{
"affected": [],
"aliases": [
"CVE-2025-21319"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-14T18:15:56Z",
"severity": "MODERATE"
},
"details": "Windows Kernel Memory Information Disclosure Vulnerability",
"id": "GHSA-mmw4-f58v-gj6m",
"modified": "2025-01-14T18:32:04Z",
"published": "2025-01-14T18:32:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21319"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21319"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MP65-CJ4X-X9FQ
Vulnerability from github – Published: 2022-05-24 19:04 – Updated: 2022-05-24 19:04Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system may potentially exploit this vulnerability to read LDAP credentials from local logs and use the stolen credentials to make changes to the network domain.
{
"affected": [],
"aliases": [
"CVE-2021-21558"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-08T18:15:00Z",
"severity": "MODERATE"
},
"details": "Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system may potentially exploit this vulnerability to read LDAP credentials from local logs and use the stolen credentials to make changes to the network domain.",
"id": "GHSA-mp65-cj4x-x9fq",
"modified": "2022-05-24T19:04:19Z",
"published": "2022-05-24T19:04:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21558"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000186638/dsa-2021-104-dell-emc-networker-security-update-for-multiple-vulnerabilities"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-MPF9-68P5-X53H
Vulnerability from github – Published: 2026-03-25 03:31 – Updated: 2026-03-25 21:30A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to disclose kernel memory.
{
"affected": [],
"aliases": [
"CVE-2026-28868"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-25T01:17:10Z",
"severity": "MODERATE"
},
"details": "A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to disclose kernel memory.",
"id": "GHSA-mpf9-68p5-x53h",
"modified": "2026-03-25T21:30:31Z",
"published": "2026-03-25T03:31:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28868"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/126792"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/126793"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/126794"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/126795"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/126796"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/126798"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/126799"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-MPR2-984F-35C4
Vulnerability from github – Published: 2022-05-24 22:28 – Updated: 2022-05-24 22:28An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the “http”, “email”, and “snmptrap” v3 log forwarding server profiles can be logged to the logrcvr.log system log. Logged information may include up to 1024 bytes of the configuration including the username and password in an encrypted form and private keys used in any certificate profiles set for log forwarding server profiles. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.
{
"affected": [],
"aliases": [
"CVE-2021-3032"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-13T18:15:00Z",
"severity": "MODERATE"
},
"details": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the \u201chttp\u201d, \u201cemail\u201d, and \u201csnmptrap\u201d v3 log forwarding server profiles can be logged to the logrcvr.log system log. Logged information may include up to 1024 bytes of the configuration including the username and password in an encrypted form and private keys used in any certificate profiles set for log forwarding server profiles. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.",
"id": "GHSA-mpr2-984f-35c4",
"modified": "2022-05-24T22:28:48Z",
"published": "2022-05-24T22:28:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3032"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2021-3032"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-MPX4-JMPR-VM8V
Vulnerability from github – Published: 2026-06-18 15:05 – Updated: 2026-06-18 15:05Impact
When using .pgpass, database connection information including the username and password will be logged at the debug level.
Patches
Upgrade to version 2.7.1 or greater.
Workarounds
Filter out debug-level logs.
References
This issue was discovered by BugCrowd user DRAKOKORIAN.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "pghoard"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.1.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-54711"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-18T15:05:20Z",
"nvd_published_at": null,
"severity": "LOW"
},
"details": "### Impact\nWhen using .pgpass, database connection information including the username and password will be logged at the debug level.\n\n### Patches\nUpgrade to version 2.7.1 or greater.\n\n### Workarounds\nFilter out debug-level logs.\n\n### References\nThis issue was discovered by BugCrowd user DRAKOKORIAN.",
"id": "GHSA-mpx4-jmpr-vm8v",
"modified": "2026-06-18T15:05:20Z",
"published": "2026-06-18T15:05:20Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/Aiven-Open/pghoard/security/advisories/GHSA-mpx4-jmpr-vm8v"
},
{
"type": "PACKAGE",
"url": "https://github.com/Aiven-Open/pghoard"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "PGHoard: Password written to debug log"
}
GHSA-MQMF-5457-4F39
Vulnerability from github – Published: 2022-05-24 19:15 – Updated: 2022-05-24 19:15Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. If --log or --verbose is used, exact timestamps of these onion-service visits are logged locally, and an attacker might be able to compare them to timestamp data collected by the destination server (or collected by a rogue site within the Tor network).
{
"affected": [],
"aliases": [
"CVE-2021-39246"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-24T19:15:00Z",
"severity": "MODERATE"
},
"details": "Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. If --log or --verbose is used, exact timestamps of these onion-service visits are logged locally, and an attacker might be able to compare them to timestamp data collected by the destination server (or collected by a rogue site within the Tor network).",
"id": "GHSA-mqmf-5457-4f39",
"modified": "2022-05-24T19:15:41Z",
"published": "2022-05-24T19:15:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39246"
},
{
"type": "WEB",
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-111.md"
},
{
"type": "WEB",
"url": "https://gitlab.torproject.org/tpo/core/tor/-/commit/80c404c4b79f3bcba3fc4585d4c62a62a04f3ed9"
},
{
"type": "WEB",
"url": "https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/434"
},
{
"type": "WEB",
"url": "https://sick.codes/sick-2021-111"
},
{
"type": "WEB",
"url": "https://www.privacyaffairs.com/cve-2021-39246-tor-vulnerability"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.