CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1739 vulnerabilities reference this CWE, most recent first.
GHSA-PGG6-PQ85-WXJF
Vulnerability from github – Published: 2025-01-29 21:31 – Updated: 2025-01-29 21:31Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access.
This issue affects FLXEON through <= 9.3.4.
{
"affected": [],
"aliases": [
"CVE-2024-48852"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-29T19:15:18Z",
"severity": "MODERATE"
},
"details": "Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access.\n \n\nThis issue affects FLXEON through \u003c= 9.3.4.",
"id": "GHSA-pgg6-pq85-wxjf",
"modified": "2025-01-29T21:31:25Z",
"published": "2025-01-29T21:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48852"
},
{
"type": "WEB",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A5684\u0026LanguageCode=en\u0026DocumentPartId=PDF\u0026Action=Launch"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-PH5J-6PCV-6W76
Vulnerability from github – Published: 2022-06-23 00:00 – Updated: 2022-06-30 00:00A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. Cisco ADSM must be deployed in a shared workstation environment for this issue to be exploited. This vulnerability is due to the storage of unencrypted credentials in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system. A successful exploit could allow the attacker to view the credentials of other users of the shared device.
{
"affected": [],
"aliases": [
"CVE-2022-20651"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-22T14:15:00Z",
"severity": "MODERATE"
},
"details": "\n A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. Cisco ADSM must be deployed in a shared workstation environment for this issue to be exploited.\n This vulnerability is due to the storage of unencrypted credentials in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system. A successful exploit could allow the attacker to view the credentials of other users of the shared device.\n ",
"id": "GHSA-ph5j-6pcv-6w76",
"modified": "2022-06-30T00:00:37Z",
"published": "2022-06-23T00:00:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20651"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asdm-logging-jnLOY422"
},
{
"type": "WEB",
"url": "https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PH6R-2988-63R2
Vulnerability from github – Published: 2025-09-27 03:30 – Updated: 2025-09-27 03:30IBM Lakehouse (watsonx.data 2.2) stores potentially sensitive information in log files that could be read by a local user.
{
"affected": [],
"aliases": [
"CVE-2025-36144"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-27T01:15:42Z",
"severity": "LOW"
},
"details": "IBM Lakehouse (watsonx.data 2.2) stores potentially sensitive information in log files that could be read by a local user.",
"id": "GHSA-ph6r-2988-63r2",
"modified": "2025-09-27T03:30:14Z",
"published": "2025-09-27T03:30:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36144"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7246267"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PHCQ-62X8-MJ46
Vulnerability from github – Published: 2023-11-22 21:31 – Updated: 2023-11-22 21:31IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 247034.
{
"affected": [],
"aliases": [
"CVE-2023-25682"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-22T19:15:08Z",
"severity": "MODERATE"
},
"details": "IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 247034.",
"id": "GHSA-phcq-62x8-mj46",
"modified": "2023-11-22T21:31:07Z",
"published": "2023-11-22T21:31:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25682"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/247034"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7080172"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PHV5-VQ5P-QHP7
Vulnerability from github – Published: 2026-04-16 15:31 – Updated: 2026-04-24 20:52JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors. Users are advised to upgrade to Airflow version that contains fix.
Users are recommended to upgrade to version 3.2.0, which fixes this issue.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "apache-airflow"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "3.2.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-31987"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-16T22:57:42Z",
"nvd_published_at": "2026-04-16T14:16:13Z",
"severity": "MODERATE"
},
"details": "JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors. \nUsers are advised to upgrade to Airflow version that contains fix.\n\nUsers are recommended to upgrade to version 3.2.0, which fixes this issue.",
"id": "GHSA-phv5-vq5p-qhp7",
"modified": "2026-04-24T20:52:30Z",
"published": "2026-04-16T15:31:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31987"
},
{
"type": "WEB",
"url": "https://github.com/apache/airflow/issues/62428"
},
{
"type": "WEB",
"url": "https://github.com/apache/airflow/issues/62773"
},
{
"type": "WEB",
"url": "https://github.com/apache/airflow/pull/62964"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/airflow"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/pvsrtxzwo9xy6xgknmwslv4zrw70kt6g"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/04/16/7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Apache Airflow: JWT token appearing in logs"
}
GHSA-PJ43-GPQR-FHM8
Vulnerability from github – Published: 2024-04-10 18:30 – Updated: 2026-04-28 21:34Insertion of Sensitive Information into Log File vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.5.
{
"affected": [],
"aliases": [
"CVE-2024-31259"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-10T16:15:13Z",
"severity": "HIGH"
},
"details": "Insertion of Sensitive Information into Log File vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.5.",
"id": "GHSA-pj43-gpqr-fhm8",
"modified": "2026-04-28T21:34:33Z",
"published": "2024-04-10T18:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31259"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/vulnerability/searchiq/wordpress-searchiq-plugin-4-5-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PM48-CVV2-29Q5
Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2024-09-09 21:12Ansible, all ansible_engine-2.x versions and ansible_engine-3.x up to ansible_engine-3.5, was logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "ansible"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.6.20"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "ansible"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0a1"
},
{
"fixed": "2.7.14"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "ansible"
},
"ranges": [
{
"events": [
{
"introduced": "2.8.0a1"
},
{
"fixed": "2.8.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-14846"
],
"database_specific": {
"cwe_ids": [
"CWE-117",
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2023-07-17T22:21:08Z",
"nvd_published_at": "2019-10-08T19:15:00Z",
"severity": "HIGH"
},
"details": "Ansible, all ansible_engine-2.x versions and ansible_engine-3.x up to ansible_engine-3.5, was logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.",
"id": "GHSA-pm48-cvv2-29q5",
"modified": "2024-09-09T21:12:08Z",
"published": "2022-05-24T16:58:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14846"
},
{
"type": "WEB",
"url": "https://github.com/ansible/ansible/pull/63366"
},
{
"type": "WEB",
"url": "https://github.com/ansible/ansible/commit/90e74dd2600e5cc42dd9b4f4656f3d651c4ce5c4"
},
{
"type": "WEB",
"url": "https://github.com/ansible/ansible/commit/cb0f535a8b254a2daf69cd067e842fabb2993034"
},
{
"type": "WEB",
"url": "https://github.com/ansible/ansible/commit/d961f676c01023a6a21503df16ba551a550e515b"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3201"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3202"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3203"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3207"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0756"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846"
},
{
"type": "PACKAGE",
"url": "https://github.com/ansible/ansible"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2019-4.yaml"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00023.html"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4950"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Ansible Uses Plugins That Disclose Credentials"
}
GHSA-PM4J-P7PM-FPVX
Vulnerability from github – Published: 2025-04-09 15:32 – Updated: 2025-07-15 00:27Insertion of Sensitive Information into Log File vulnerability in Apache ActiveMQ Artemis. All the values of the broker properties are logged when the org.apache.activemq.artemis.core.config.impl.ConfigurationImpl logger has the debug level enabled.
This issue affects Apache ActiveMQ Artemis: from 1.5.1 before 2.40.0. It can be mitigated by restricting log access to only trusted users.
Users are recommended to upgrade to version 2.40.0, which fixes the issue.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.activemq:artemis-project"
},
"ranges": [
{
"events": [
{
"introduced": "1.5.1"
},
{
"fixed": "2.40.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-27391"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2025-04-10T14:25:45Z",
"nvd_published_at": "2025-04-09T15:16:02Z",
"severity": "MODERATE"
},
"details": "Insertion of Sensitive Information into Log File vulnerability in Apache ActiveMQ Artemis. All the values of the broker properties are\u00a0logged when the org.apache.activemq.artemis.core.config.impl.ConfigurationImpl logger has the\u00a0debug level enabled.\n\nThis issue affects Apache ActiveMQ Artemis: from 1.5.1 before 2.40.0. It can be mitigated by restricting log access to only trusted users.\n\nUsers are recommended to upgrade to version 2.40.0, which fixes the issue.",
"id": "GHSA-pm4j-p7pm-fpvx",
"modified": "2025-07-15T00:27:12Z",
"published": "2025-04-09T15:32:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27391"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/activemq-artemis"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/25p96cvzl1mkt29lwm2d8knklkoqolps"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/04/09/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
],
"summary": "Apache ActiveMQ Artemis Vulnerable to Insertion of Sensitive Information into Log File"
}
GHSA-PM7Q-RJJX-979P
Vulnerability from github – Published: 2026-04-14 23:14 – Updated: 2026-04-24 20:39Summary
When OIDC authentication fails, the full bearer token is logged at DEBUG level in plaintext. If debug logging is enabled in production, JWT tokens are exposed in application logs and any connected log aggregation system.
Impact
An attacker with access to application logs (e.g., via a compromised log aggregation pipeline, shared logging infrastructure, or misconfigured log access controls) can extract valid JWT tokens and replay them to authenticate as legitimate users.
All versions using OIDC authentication are affected.
Details
In oxiad/common/rpc/auth/interceptor.go, the validateTokenWithContext() function logs the complete token value via slog.String("token", token) when authentication fails. This includes the full JWT header, payload, and signature.
Patches
Fixed by redacting the token in log output — only the last 8 characters are preserved for correlation purposes.
Workarounds
Ensure DEBUG-level logging is never enabled in production environments.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.16.1"
},
"package": {
"ecosystem": "Go",
"name": "github.com/oxia-db/oxia"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.16.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-40945"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-14T23:14:38Z",
"nvd_published_at": "2026-04-21T22:16:20Z",
"severity": "HIGH"
},
"details": "### Summary\nWhen OIDC authentication fails, the full bearer token is logged at DEBUG level in plaintext. If debug logging is enabled in production, JWT tokens are exposed in application logs and any connected log aggregation system.\n\n### Impact\nAn attacker with access to application logs (e.g., via a compromised log aggregation pipeline, shared logging infrastructure, or misconfigured log access controls) can extract valid JWT tokens and replay them to authenticate as legitimate users.\n\nAll versions using OIDC authentication are affected.\n\n### Details\nIn `oxiad/common/rpc/auth/interceptor.go`, the `validateTokenWithContext()` function logs the complete token value via `slog.String(\"token\", token)` when authentication fails. This includes the full JWT header, payload, and signature.\n\n### Patches\nFixed by redacting the token in log output \u2014 only the last 8 characters are preserved for correlation purposes.\n\n### Workarounds\nEnsure DEBUG-level logging is never enabled in production environments.",
"id": "GHSA-pm7q-rjjx-979p",
"modified": "2026-04-24T20:39:49Z",
"published": "2026-04-14T23:14:38Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/oxia-db/oxia/security/advisories/GHSA-pm7q-rjjx-979p"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40945"
},
{
"type": "WEB",
"url": "https://github.com/oxia-db/oxia/commit/f7259d0ebc739fc95ff19f93c823433850857416"
},
{
"type": "PACKAGE",
"url": "https://github.com/oxia-db/oxia"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
],
"summary": "Oxia exposes bearer token in debug log messages on authentication failure"
}
GHSA-PPGH-3FJJ-H297
Vulnerability from github – Published: 2022-05-24 16:52 – Updated: 2022-05-24 16:52A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to view a password in clear text. The vulnerability is due to incorrectly logging the admin password when a user is forced to modify the default password when logging in to the web portal for the first time. Subsequent password changes are not logged and other accounts are not affected. An attacker could exploit this vulnerability by viewing the admin clear text password and using it to access the affected system. The attacker would need a valid user account to exploit this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2019-1953"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-08-08T08:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to view a password in clear text. The vulnerability is due to incorrectly logging the admin password when a user is forced to modify the default password when logging in to the web portal for the first time. Subsequent password changes are not logged and other accounts are not affected. An attacker could exploit this vulnerability by viewing the admin clear text password and using it to access the affected system. The attacker would need a valid user account to exploit this vulnerability.",
"id": "GHSA-ppgh-3fjj-h297",
"modified": "2022-05-24T16:52:56Z",
"published": "2022-05-24T16:52:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1953"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-nfv-pwrecov"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.