CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1742 vulnerabilities reference this CWE, most recent first.
GHSA-MXH8-XGQ9-W782
Vulnerability from github – Published: 2022-05-01 17:47 – Updated: 2024-05-14 20:50An information leak was discovered in MoinMoin's debug reporting version 1.5.7, which could expose information about the versions of software running on the host system. MoinMoin administrators can add "show_traceback=0" to their site configurations to disable debug tracebacks.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "moin"
},
"ranges": [
{
"events": [
{
"introduced": "1.5.7"
},
{
"fixed": "1.5.8"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.5.7"
]
}
],
"aliases": [
"CVE-2007-0902"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2024-05-14T20:50:29Z",
"nvd_published_at": "2007-02-13T20:28:00Z",
"severity": "MODERATE"
},
"details": "An information leak was discovered in MoinMoin\u0027s debug reporting version 1.5.7, which could expose information about the versions of software running on the host system. MoinMoin administrators can add \"show_traceback=0\" to their site configurations to disable debug tracebacks.",
"id": "GHSA-mxh8-xgq9-w782",
"modified": "2024-05-14T20:50:29Z",
"published": "2022-05-01T17:47:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0902"
},
{
"type": "WEB",
"url": "https://moinmo.in/MoinMoinRelease1.5/CHANGES"
},
{
"type": "WEB",
"url": "http://osvdb.org/33173"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/24138"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/24244"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/22515"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-423-1"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "MoinMoin Insertion of Sensitive Information into Log File"
}
GHSA-MXQF-9J3W-RV3F
Vulnerability from github – Published: 2023-10-25 21:30 – Updated: 2023-11-02 15:30A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to access sensitive user data.
{
"affected": [],
"aliases": [
"CVE-2023-41254"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-25T19:15:09Z",
"severity": "MODERATE"
},
"details": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to access sensitive user data.",
"id": "GHSA-mxqf-9j3w-rv3f",
"modified": "2023-11-02T15:30:24Z",
"published": "2023-10-25T21:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41254"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213981"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213982"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213984"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213985"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213988"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213981"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213982"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213984"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213985"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213988"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Oct/19"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Oct/23"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Oct/24"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Oct/25"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2023/Oct/26"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-P246-M8PM-4PJP
Vulnerability from github – Published: 2022-05-24 19:04 – Updated: 2022-05-24 19:04GitLab CE/EE since version 9.5 allows a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.
{
"affected": [],
"aliases": [
"CVE-2021-22219"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-08T19:15:00Z",
"severity": "MODERATE"
},
"details": "GitLab CE/EE since version 9.5 allows a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.",
"id": "GHSA-p246-m8pm-4pjp",
"modified": "2022-05-24T19:04:18Z",
"published": "2022-05-24T19:04:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22219"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22219.json"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/296995"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-P26C-M2C6-49F2
Vulnerability from github – Published: 2025-12-18 18:30 – Updated: 2025-12-18 18:30IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and 12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container.
{
"affected": [],
"aliases": [
"CVE-2025-36133"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-01T12:15:31Z",
"severity": "MODERATE"
},
"details": "IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and\u00a012.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container.",
"id": "GHSA-p26c-m2c6-49f2",
"modified": "2025-12-18T18:30:28Z",
"published": "2025-12-18T18:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36133"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7243690"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-P36Q-CC77-7334
Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2022-05-24 19:09A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).
{
"affected": [],
"aliases": [
"CVE-2021-37760"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-31T18:15:00Z",
"severity": "CRITICAL"
},
"details": "A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).",
"id": "GHSA-p36q-cc77-7334",
"modified": "2022-05-24T19:09:28Z",
"published": "2022-05-24T19:09:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37760"
},
{
"type": "WEB",
"url": "https://www.graylog.org/post/announcing-graylog-v4-1-2"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-P3WR-7QRC-FWP9
Vulnerability from github – Published: 2025-11-04 06:31 – Updated: 2025-11-04 06:31The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This makes it possible for unauthenticated attackers to extract sensitive data including authentication credentials, which can be used to log in as other users as long as they have used the plugin's custom authentication feature before. This may include administrators, which makes a complete site takeover possible.
{
"affected": [],
"aliases": [
"CVE-2025-11008"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-04T04:15:37Z",
"severity": "CRITICAL"
},
"details": "The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This makes it possible for unauthenticated attackers to extract sensitive data including authentication credentials, which can be used to log in as other users as long as they have used the plugin\u0027s custom authentication feature before. This may include administrators, which makes a complete site takeover possible.",
"id": "GHSA-p3wr-7qrc-fwp9",
"modified": "2025-11-04T06:31:10Z",
"published": "2025-11-04T06:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11008"
},
{
"type": "WEB",
"url": "https://wordpress.org/plugins/ce21-suite"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/91aa86d9-8e42-4deb-b6ca-c3b388fefcb1?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P47J-XX8M-FJR9
Vulnerability from github – Published: 2022-05-24 17:35 – Updated: 2022-05-24 17:35IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 190991.
{
"affected": [],
"aliases": [
"CVE-2020-4900"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-11-30T16:15:00Z",
"severity": "MODERATE"
},
"details": "IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 190991.",
"id": "GHSA-p47j-xx8m-fjr9",
"modified": "2022-05-24T17:35:19Z",
"published": "2022-05-24T17:35:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-4900"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/190991"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6373004"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-P529-VRPR-9P36
Vulnerability from github – Published: 2026-05-05 09:31 – Updated: 2026-05-05 09:31An issue was discovered in the PaperCut Hive Ricoh embedded application. When the "Deep Logging" (diagnostic) mode is enabled, the application inadvertently records administrative credentials in plain text within the log files.
An attacker with administrative access to the PaperCut Hive management portal could remotely enable deep logging and subsequently retrieve sensitive device passwords from the logs after an authorized user authenticates at the device. This exposure allows for the lateral movement or unauthorized configuration of the physical print hardware.
{
"affected": [],
"aliases": [
"CVE-2026-7824"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-05T07:16:01Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the PaperCut Hive Ricoh embedded application. When the \"Deep Logging\" (diagnostic) mode is enabled, the application inadvertently records administrative credentials in plain text within the log files.\n\n\n\nAn attacker with administrative access to the PaperCut Hive management portal could remotely enable deep logging and subsequently retrieve sensitive device passwords from the logs after an authorized user authenticates at the device. This exposure allows for the lateral movement or unauthorized configuration of the physical print hardware.",
"id": "GHSA-p529-vrpr-9p36",
"modified": "2026-05-05T09:31:55Z",
"published": "2026-05-05T09:31:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7824"
},
{
"type": "WEB",
"url": "https://www.papercut.com/kb/Main/papercut-ng-mf-and-papercut-hive-security-bulletin-may-2026"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-P5FP-56MJ-RXM3
Vulnerability from github – Published: 2024-09-25 18:31 – Updated: 2024-10-01 21:31An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions
{
"affected": [],
"aliases": [
"CVE-2024-7421"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-25T16:15:11Z",
"severity": "MODERATE"
},
"details": "An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions",
"id": "GHSA-p5fp-56mj-rxm3",
"modified": "2024-10-01T21:31:33Z",
"published": "2024-09-25T18:31:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7421"
},
{
"type": "WEB",
"url": "https://devolutions.net/security/advisories/DEVO-2024-0014"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-P632-5P4V-9HH3
Vulnerability from github – Published: 2022-03-08 00:00 – Updated: 2022-03-17 00:03The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses
{
"affected": [],
"aliases": [
"CVE-2021-25009"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-07T09:15:00Z",
"severity": "MODERATE"
},
"details": "The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses",
"id": "GHSA-p632-5p4v-9hh3",
"modified": "2022-03-17T00:03:03Z",
"published": "2022-03-08T00:00:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25009"
},
{
"type": "WEB",
"url": "https://wpscan.com/vulnerability/ce2e3503-9a06-4f5c-ae0f-f40e7dfb2903"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.