Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1739 vulnerabilities reference this CWE, most recent first.

GHSA-PGG6-PQ85-WXJF

Vulnerability from github – Published: 2025-01-29 21:31 – Updated: 2025-01-29 21:31
VLAI
Details

Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access.

This issue affects FLXEON through <= 9.3.4.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-48852"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-29T19:15:18Z",
    "severity": "MODERATE"
  },
  "details": "Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access.\n \n\nThis issue affects FLXEON through \u003c= 9.3.4.",
  "id": "GHSA-pgg6-pq85-wxjf",
  "modified": "2025-01-29T21:31:25Z",
  "published": "2025-01-29T21:31:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48852"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A5684\u0026LanguageCode=en\u0026DocumentPartId=PDF\u0026Action=Launch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-PH5J-6PCV-6W76

Vulnerability from github – Published: 2022-06-23 00:00 – Updated: 2022-06-30 00:00
VLAI
Details

A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. Cisco ADSM must be deployed in a shared workstation environment for this issue to be exploited. This vulnerability is due to the storage of unencrypted credentials in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system. A successful exploit could allow the attacker to view the credentials of other users of the shared device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-20651"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-22T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "\n A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. Cisco ADSM must be deployed in a shared workstation environment for this issue to be exploited.\n This vulnerability is due to the storage of unencrypted credentials in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system. A successful exploit could allow the attacker to view the credentials of other users of the shared device.\n ",
  "id": "GHSA-ph5j-6pcv-6w76",
  "modified": "2022-06-30T00:00:37Z",
  "published": "2022-06-23T00:00:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20651"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asdm-logging-jnLOY422"
    },
    {
      "type": "WEB",
      "url": "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PH6R-2988-63R2

Vulnerability from github – Published: 2025-09-27 03:30 – Updated: 2025-09-27 03:30
VLAI
Details

IBM Lakehouse (watsonx.data 2.2) stores potentially sensitive information in log files that could be read by a local user.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-36144"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-27T01:15:42Z",
    "severity": "LOW"
  },
  "details": "IBM Lakehouse (watsonx.data 2.2) stores potentially sensitive information in log files that could be read by a local user.",
  "id": "GHSA-ph6r-2988-63r2",
  "modified": "2025-09-27T03:30:14Z",
  "published": "2025-09-27T03:30:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36144"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7246267"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PHCQ-62X8-MJ46

Vulnerability from github – Published: 2023-11-22 21:31 – Updated: 2023-11-22 21:31
VLAI
Details

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 247034.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-25682"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-22T19:15:08Z",
    "severity": "MODERATE"
  },
  "details": "IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user.  IBM X-Force ID:  247034.",
  "id": "GHSA-phcq-62x8-mj46",
  "modified": "2023-11-22T21:31:07Z",
  "published": "2023-11-22T21:31:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25682"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/247034"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7080172"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PHV5-VQ5P-QHP7

Vulnerability from github – Published: 2026-04-16 15:31 – Updated: 2026-04-24 20:52
VLAI
Summary
Apache Airflow: JWT token appearing in logs
Details

JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors. Users are advised to upgrade to Airflow version that contains fix.

Users are recommended to upgrade to version 3.2.0, which fixes this issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "apache-airflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "3.2.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-31987"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-16T22:57:42Z",
    "nvd_published_at": "2026-04-16T14:16:13Z",
    "severity": "MODERATE"
  },
  "details": "JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors. \nUsers are advised to upgrade to Airflow version that contains fix.\n\nUsers are recommended to upgrade to version 3.2.0, which fixes this issue.",
  "id": "GHSA-phv5-vq5p-qhp7",
  "modified": "2026-04-24T20:52:30Z",
  "published": "2026-04-16T15:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31987"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/airflow/issues/62428"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/airflow/issues/62773"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/airflow/pull/62964"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/airflow"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/pvsrtxzwo9xy6xgknmwslv4zrw70kt6g"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/04/16/7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Apache Airflow: JWT token appearing in logs"
}

GHSA-PJ43-GPQR-FHM8

Vulnerability from github – Published: 2024-04-10 18:30 – Updated: 2026-04-28 21:34
VLAI
Details

Insertion of Sensitive Information into Log File vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.5.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-31259"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-10T16:15:13Z",
    "severity": "HIGH"
  },
  "details": "Insertion of Sensitive Information into Log File vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.5.",
  "id": "GHSA-pj43-gpqr-fhm8",
  "modified": "2026-04-28T21:34:33Z",
  "published": "2024-04-10T18:30:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31259"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/vulnerability/searchiq/wordpress-searchiq-plugin-4-5-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PM48-CVV2-29Q5

Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2024-09-09 21:12
VLAI
Summary
Ansible Uses Plugins That Disclose Credentials
Details

Ansible, all ansible_engine-2.x versions and ansible_engine-3.x up to ansible_engine-3.5, was logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.6.20"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.7.0a1"
            },
            {
              "fixed": "2.7.14"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.8.0a1"
            },
            {
              "fixed": "2.8.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-14846"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-117",
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-17T22:21:08Z",
    "nvd_published_at": "2019-10-08T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "Ansible, all ansible_engine-2.x versions and ansible_engine-3.x up to ansible_engine-3.5, was logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.",
  "id": "GHSA-pm48-cvv2-29q5",
  "modified": "2024-09-09T21:12:08Z",
  "published": "2022-05-24T16:58:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14846"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/pull/63366"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/commit/90e74dd2600e5cc42dd9b4f4656f3d651c4ce5c4"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/commit/cb0f535a8b254a2daf69cd067e842fabb2993034"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/commit/d961f676c01023a6a21503df16ba551a550e515b"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3201"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3202"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3203"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:3207"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0756"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ansible/ansible"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-4.yaml"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2021/dsa-4950"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Ansible Uses Plugins That Disclose Credentials"
}

GHSA-PM4J-P7PM-FPVX

Vulnerability from github – Published: 2025-04-09 15:32 – Updated: 2025-07-15 00:27
VLAI
Summary
Apache ActiveMQ Artemis Vulnerable to Insertion of Sensitive Information into Log File
Details

Insertion of Sensitive Information into Log File vulnerability in Apache ActiveMQ Artemis. All the values of the broker properties are logged when the org.apache.activemq.artemis.core.config.impl.ConfigurationImpl logger has the debug level enabled.

This issue affects Apache ActiveMQ Artemis: from 1.5.1 before 2.40.0. It can be mitigated by restricting log access to only trusted users.

Users are recommended to upgrade to version 2.40.0, which fixes the issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.activemq:artemis-project"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.5.1"
            },
            {
              "fixed": "2.40.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-27391"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-04-10T14:25:45Z",
    "nvd_published_at": "2025-04-09T15:16:02Z",
    "severity": "MODERATE"
  },
  "details": "Insertion of Sensitive Information into Log File vulnerability in Apache ActiveMQ Artemis. All the values of the broker properties are\u00a0logged when the org.apache.activemq.artemis.core.config.impl.ConfigurationImpl logger has the\u00a0debug level enabled.\n\nThis issue affects Apache ActiveMQ Artemis: from 1.5.1 before 2.40.0. It can be mitigated by restricting log access to only trusted users.\n\nUsers are recommended to upgrade to version 2.40.0, which fixes the issue.",
  "id": "GHSA-pm4j-p7pm-fpvx",
  "modified": "2025-07-15T00:27:12Z",
  "published": "2025-04-09T15:32:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27391"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/activemq-artemis"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/25p96cvzl1mkt29lwm2d8knklkoqolps"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/04/09/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Apache ActiveMQ Artemis Vulnerable to Insertion of Sensitive Information into Log File"
}

GHSA-PM7Q-RJJX-979P

Vulnerability from github – Published: 2026-04-14 23:14 – Updated: 2026-04-24 20:39
VLAI
Summary
Oxia exposes bearer token in debug log messages on authentication failure
Details

Summary

When OIDC authentication fails, the full bearer token is logged at DEBUG level in plaintext. If debug logging is enabled in production, JWT tokens are exposed in application logs and any connected log aggregation system.

Impact

An attacker with access to application logs (e.g., via a compromised log aggregation pipeline, shared logging infrastructure, or misconfigured log access controls) can extract valid JWT tokens and replay them to authenticate as legitimate users.

All versions using OIDC authentication are affected.

Details

In oxiad/common/rpc/auth/interceptor.go, the validateTokenWithContext() function logs the complete token value via slog.String("token", token) when authentication fails. This includes the full JWT header, payload, and signature.

Patches

Fixed by redacting the token in log output — only the last 8 characters are preserved for correlation purposes.

Workarounds

Ensure DEBUG-level logging is never enabled in production environments.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.16.1"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/oxia-db/oxia"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.16.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-40945"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-14T23:14:38Z",
    "nvd_published_at": "2026-04-21T22:16:20Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nWhen OIDC authentication fails, the full bearer token is logged at DEBUG level in plaintext. If debug logging is enabled in production, JWT tokens are exposed in application logs and any connected log aggregation system.\n\n### Impact\nAn attacker with access to application logs (e.g., via a compromised log aggregation pipeline, shared logging infrastructure, or misconfigured log access controls) can extract valid JWT tokens and replay them to authenticate as legitimate users.\n\nAll versions using OIDC authentication are affected.\n\n### Details\nIn `oxiad/common/rpc/auth/interceptor.go`, the `validateTokenWithContext()` function logs the complete token value via `slog.String(\"token\", token)` when authentication fails. This includes the full JWT header, payload, and signature.\n\n### Patches\nFixed by redacting the token in log output \u2014 only the last 8 characters are preserved for correlation purposes.\n\n### Workarounds\nEnsure DEBUG-level logging is never enabled in production environments.",
  "id": "GHSA-pm7q-rjjx-979p",
  "modified": "2026-04-24T20:39:49Z",
  "published": "2026-04-14T23:14:38Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/oxia-db/oxia/security/advisories/GHSA-pm7q-rjjx-979p"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40945"
    },
    {
      "type": "WEB",
      "url": "https://github.com/oxia-db/oxia/commit/f7259d0ebc739fc95ff19f93c823433850857416"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/oxia-db/oxia"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Oxia exposes bearer token in debug log messages on authentication failure"
}

GHSA-PPGH-3FJJ-H297

Vulnerability from github – Published: 2022-05-24 16:52 – Updated: 2022-05-24 16:52
VLAI
Details

A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to view a password in clear text. The vulnerability is due to incorrectly logging the admin password when a user is forced to modify the default password when logging in to the web portal for the first time. Subsequent password changes are not logged and other accounts are not affected. An attacker could exploit this vulnerability by viewing the admin clear text password and using it to access the affected system. The attacker would need a valid user account to exploit this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-1953"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-08-08T08:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to view a password in clear text. The vulnerability is due to incorrectly logging the admin password when a user is forced to modify the default password when logging in to the web portal for the first time. Subsequent password changes are not logged and other accounts are not affected. An attacker could exploit this vulnerability by viewing the admin clear text password and using it to access the affected system. The attacker would need a valid user account to exploit this vulnerability.",
  "id": "GHSA-ppgh-3fjj-h297",
  "modified": "2022-05-24T16:52:56Z",
  "published": "2022-05-24T16:52:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1953"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-nfv-pwrecov"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.