CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1739 vulnerabilities reference this CWE, most recent first.
GHSA-Q9V8-HHCR-3G53
Vulnerability from github – Published: 2022-06-16 00:00 – Updated: 2025-01-02 21:31Windows Desired State Configuration (DSC) Information Disclosure Vulnerability.
{
"affected": [],
"aliases": [
"CVE-2022-30148"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-15T22:15:00Z",
"severity": "MODERATE"
},
"details": "Windows Desired State Configuration (DSC) Information Disclosure Vulnerability.",
"id": "GHSA-q9v8-hhcr-3g53",
"modified": "2025-01-02T21:31:37Z",
"published": "2022-06-16T00:00:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30148"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30148"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30148"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QCJ3-H27M-MP9X
Vulnerability from github – Published: 2022-05-13 01:07 – Updated: 2024-10-07 21:32In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "octavia"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.1.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "octavia"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0.0b1"
},
{
"fixed": "3.1.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-16856"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-29T11:08:44Z",
"nvd_published_at": "2019-03-26T18:29:00Z",
"severity": "HIGH"
},
"details": "In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure.",
"id": "GHSA-qcj3-h27m-mp9x",
"modified": "2024-10-07T21:32:17Z",
"published": "2022-05-13T01:07:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16856"
},
{
"type": "WEB",
"url": "https://github.com/openstack/octavia/commit/ae7c87f54a6c5483a608d5e9fe51ea1966ea1f7e"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16856"
},
{
"type": "PACKAGE",
"url": "https://github.com/openstack/octavia"
},
{
"type": "WEB",
"url": "https://github.com/openstack/octavia/commits/3.1.0"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/octavia/PYSEC-2019-193.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Openstack Octavia allows Insertion of Sensitive Information into Log File"
}
GHSA-QCM2-HCG7-GMV8
Vulnerability from github – Published: 2022-07-21 00:00 – Updated: 2022-07-28 00:00In JetBrains TeamCity before 2022.04.2 the private SSH key could be written to the build log in some cases
{
"affected": [],
"aliases": [
"CVE-2022-36321"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-20T13:15:00Z",
"severity": "MODERATE"
},
"details": "In JetBrains TeamCity before 2022.04.2 the private SSH key could be written to the build log in some cases",
"id": "GHSA-qcm2-hcg7-gmv8",
"modified": "2022-07-28T00:00:40Z",
"published": "2022-07-21T00:00:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36321"
},
{
"type": "WEB",
"url": "https://www.jetbrains.com/privacy-security/issues-fixed"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QF5X-JV3X-595J
Vulnerability from github – Published: 2026-03-03 21:31 – Updated: 2026-03-03 21:31IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to writing of sensitive Information in a log file.
{
"affected": [],
"aliases": [
"CVE-2026-1265"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-03T20:16:45Z",
"severity": "MODERATE"
},
"details": "IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to writing of sensitive Information in a log file.",
"id": "GHSA-qf5x-jv3x-595j",
"modified": "2026-03-03T21:31:16Z",
"published": "2026-03-03T21:31:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1265"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7259627"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QF6H-WR49-RV76
Vulnerability from github – Published: 2022-09-25 00:00 – Updated: 2022-09-28 00:00A cleartext storage of sensitive information exists in Rocket.Chat <v4.6.4 due to Oauth token being leaked in plaintext in Rocket.chat logs.
{
"affected": [],
"aliases": [
"CVE-2022-32217"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-23T19:15:00Z",
"severity": "MODERATE"
},
"details": "A cleartext storage of sensitive information exists in Rocket.Chat \u003cv4.6.4 due to Oauth token being leaked in plaintext in Rocket.chat logs.",
"id": "GHSA-qf6h-wr49-rv76",
"modified": "2022-09-28T00:00:24Z",
"published": "2022-09-25T00:00:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32217"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/1394399"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QG95-6496-M556
Vulnerability from github – Published: 2023-12-12 03:31 – Updated: 2023-12-14 18:30Insertion of sensitive information in the centralized (Grafana) logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate other users in web management and the REST API by reading JWT tokens from logs (as a Granafa authenticated user) or from the Loki REST API without authentication.
{
"affected": [],
"aliases": [
"CVE-2023-36649"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-12-12T01:15:10Z",
"severity": "CRITICAL"
},
"details": "Insertion of sensitive information in the centralized (Grafana) logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate other users in web management and the REST API by reading JWT tokens from logs (as a Granafa authenticated user) or from the Loki REST API without authentication.",
"id": "GHSA-qg95-6496-m556",
"modified": "2023-12-14T18:30:19Z",
"published": "2023-12-12T03:31:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36649"
},
{
"type": "WEB",
"url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2023-36649"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QGMM-F2QW-R95F
Vulnerability from github – Published: 2022-05-24 17:17 – Updated: 2024-04-22 23:11A flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.keycloak:keycloak-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.0.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-1698"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-22T23:11:33Z",
"nvd_published_at": "2020-05-11T14:15:00Z",
"severity": "MODERATE"
},
"details": "A flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.",
"id": "GHSA-qgmm-f2qw-r95f",
"modified": "2024-04-22T23:11:33Z",
"published": "2022-05-24T17:17:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1698"
},
{
"type": "WEB",
"url": "https://github.com/keycloak/keycloak/pull/6751"
},
{
"type": "WEB",
"url": "https://github.com/keycloak/keycloak/commit/62c9e1577618470832ede22dcedd46cba15b1836"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1698"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Keycloak leaks sensitive information in logged exceptions"
}
GHSA-QGVX-32F8-PQ66
Vulnerability from github – Published: 2022-05-24 16:49 – Updated: 2023-01-31 21:30IBM Robotic Process Automation with Automation Anywhere 11 could allow a local user to obtain highly sensitive information from log files when debugging is enabled. IBM X-Force ID: 160765.
{
"affected": [],
"aliases": [
"CVE-2019-4299"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-01T15:15:00Z",
"severity": "MODERATE"
},
"details": "IBM Robotic Process Automation with Automation Anywhere 11 could allow a local user to obtain highly sensitive information from log files when debugging is enabled. IBM X-Force ID: 160765.",
"id": "GHSA-qgvx-32f8-pq66",
"modified": "2023-01-31T21:30:17Z",
"published": "2022-05-24T16:49:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-4299"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/160765"
},
{
"type": "WEB",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10884842"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QGWP-X6H8-QX34
Vulnerability from github – Published: 2022-05-24 19:05 – Updated: 2022-05-24 19:05Improper log management vulnerability in Watch Active2 PlugIn prior to 2.2.08.21033151 version allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone via log.
{
"affected": [],
"aliases": [
"CVE-2021-25423"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-11T15:15:00Z",
"severity": "MODERATE"
},
"details": "Improper log management vulnerability in Watch Active2 PlugIn prior to 2.2.08.21033151 version allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone via log.",
"id": "GHSA-qgwp-x6h8-qx34",
"modified": "2022-05-24T19:05:06Z",
"published": "2022-05-24T19:05:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25423"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=6"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-QH9X-MC42-VG4G
Vulnerability from github – Published: 2022-05-14 03:32 – Updated: 2024-11-18 16:26Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOK_AUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your Django error reports, an attacker could discover your ANYMAIL_WEBHOOK setting and use this to post fabricated or malicious Anymail tracking/inbound events to your app. This vulnerability appears to have been fixed in v1.4.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "django-anymail"
},
"ranges": [
{
"events": [
{
"introduced": "0.2"
},
{
"fixed": "1.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-1000089"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2022-07-27T21:33:52Z",
"nvd_published_at": "2018-03-13T15:29:00Z",
"severity": "CRITICAL"
},
"details": "Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOK_AUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your Django error reports, an attacker could discover your ANYMAIL_WEBHOOK setting and use this to post fabricated or malicious Anymail tracking/inbound events to your app. This vulnerability appears to have been fixed in v1.4.",
"id": "GHSA-qh9x-mc42-vg4g",
"modified": "2024-11-18T16:26:21Z",
"published": "2022-05-14T03:32:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000089"
},
{
"type": "WEB",
"url": "https://github.com/anymail/django-anymail/commit/1a6086f2b58478d71f89bf27eb034ed81aefe5ef"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-qh9x-mc42-vg4g"
},
{
"type": "PACKAGE",
"url": "https://github.com/anymail/django-anymail"
},
{
"type": "WEB",
"url": "https://github.com/anymail/django-anymail/releases/tag/v1.4"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/django-anymail/PYSEC-2018-46.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "django-anymail Includes Sensitive Information in Log Files"
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.