CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1739 vulnerabilities reference this CWE, most recent first.
GHSA-QHQ8-VG87-FPM2
Vulnerability from github – Published: 2022-05-24 17:46 – Updated: 2022-05-24 17:46An issue was discovered in Devolutions Server before 2020.3. There is an exposure of sensitive information in diagnostic files.
{
"affected": [],
"aliases": [
"CVE-2021-23924"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-01T22:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in Devolutions Server before 2020.3. There is an exposure of sensitive information in diagnostic files.",
"id": "GHSA-qhq8-vg87-fpm2",
"modified": "2022-05-24T17:46:25Z",
"published": "2022-05-24T17:46:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23924"
},
{
"type": "WEB",
"url": "https://devolutions.net/security/advisories/devo-2021-0002"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-QJ23-W8JM-W8WV
Vulnerability from github – Published: 2025-07-03 12:34 – Updated: 2025-07-03 12:34System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as api keys, passwords, etc. A malicious actor with read access to these logs could obtain secrets and further use them to gain unauthorized access to other systems. Starting with version 4.43.0 Docker Desktop no longer logs system environment variables as part of diagnostics log collection.
{
"affected": [],
"aliases": [
"CVE-2025-6587"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-03T10:15:37Z",
"severity": "MODERATE"
},
"details": "System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as api keys, passwords, etc.\u00a0\nA malicious actor with read access to these logs could obtain secrets and further use them to gain unauthorized access to other systems. Starting with version 4.43.0 Docker Desktop no longer logs system environment variables as part of diagnostics log collection.",
"id": "GHSA-qj23-w8jm-w8wv",
"modified": "2025-07-03T12:34:56Z",
"published": "2025-07-03T12:34:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6587"
},
{
"type": "WEB",
"url": "https://docs.docker.com/desktop/troubleshoot-and-support/troubleshoot/#check-the-logs"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-QJ3C-9P7W-6V83
Vulnerability from github – Published: 2025-04-22 06:30 – Updated: 2025-04-22 06:30Hitachi Ops Center Common Services within Hitachi Ops Center OVA contains an information exposure vulnerability. This issue affects Hitachi Ops Center Common Services: from 11.0.3-00 before 11.0.4-00.
{
"affected": [],
"aliases": [
"CVE-2025-2300"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-22T05:15:30Z",
"severity": "MODERATE"
},
"details": "Hitachi Ops Center Common Services within Hitachi Ops Center OVA contains an information exposure vulnerability.\nThis issue affects Hitachi Ops Center Common Services: from 11.0.3-00 before 11.0.4-00.",
"id": "GHSA-qj3c-9p7w-6v83",
"modified": "2025-04-22T06:30:29Z",
"published": "2025-04-22T06:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2300"
},
{
"type": "WEB",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-112/index.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QJ6W-VQH8-3WWG
Vulnerability from github – Published: 2023-02-03 18:30 – Updated: 2023-02-10 03:30Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL.
{
"affected": [],
"aliases": [
"CVE-2021-36544"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-02-03T18:15:00Z",
"severity": "HIGH"
},
"details": "Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL.",
"id": "GHSA-qj6w-vqh8-3wwg",
"modified": "2023-02-10T03:30:20Z",
"published": "2023-02-03T18:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36544"
},
{
"type": "WEB",
"url": "https://gitee.com/happy_source/tpcms/issues/I3YNWY"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QJQ5-4C8Q-X94F
Vulnerability from github – Published: 2022-05-24 19:06 – Updated: 2022-05-24 19:06IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3 could allow a privileged user to obtain sensitive information from internal log files. IBM X-Force ID: 202212.
{
"affected": [],
"aliases": [
"CVE-2021-29759"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-07T17:15:00Z",
"severity": "LOW"
},
"details": "IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3 could allow a privileged user to obtain sensitive information from internal log files. IBM X-Force ID: 202212.",
"id": "GHSA-qjq5-4c8q-x94f",
"modified": "2022-05-24T19:06:58Z",
"published": "2022-05-24T19:06:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29759"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/202212"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6469449"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-QJQG-4WG7-957H
Vulnerability from github – Published: 2024-05-15 03:30 – Updated: 2025-02-13 18:59A security issue was discovered in azure-file-csi-driver where an actor with access to the driver logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vault solutions. Tokens are only logged when TokenRequests is configured in the CSIDriver object and the driver is set to run at log level 2 or greater via the -v flag.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.29.3"
},
"package": {
"ecosystem": "Go",
"name": "sigs.k8s.io/azurefile-csi-driver"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.29.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "sigs.k8s.io/azurefile-csi-driver"
},
"ranges": [
{
"events": [
{
"introduced": "1.30.0"
},
{
"fixed": "1.30.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.30.0"
]
}
],
"aliases": [
"CVE-2024-3744"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2024-05-15T17:16:58Z",
"nvd_published_at": "2024-05-15T01:15:07Z",
"severity": "MODERATE"
},
"details": "A security issue was discovered in azure-file-csi-driver where an actor with access to the driver logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vault solutions. Tokens are only logged when TokenRequests is configured in the CSIDriver object and the driver is set to run at log level 2 or greater via the -v flag.",
"id": "GHSA-qjqg-4wg7-957h",
"modified": "2025-02-13T18:59:21Z",
"published": "2024-05-15T03:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3744"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/issues/124759"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes-sigs/azurefile-csi-driver/commit/a1b7446de942136419f07394efeef804523f87ae"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes-sigs/azurefile-csi-driver/commit/e11ff3dc2c03894cde692213308f9991e7bbd5bf"
},
{
"type": "PACKAGE",
"url": "https://github.com/kubernetes-sigs/azurefile-csi-driver"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/kubernetes-security-announce/c/hcgZE2MQo1A/m/Y4C6q-CYAgAJ"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/05/09/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "azure-file-csi-driver leaks service account tokens in the logs"
}
GHSA-QM7J-J8V5-52QC
Vulnerability from github – Published: 2022-04-05 00:00 – Updated: 2022-04-13 00:00TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information such as the administrator's user name and password.
{
"affected": [],
"aliases": [
"CVE-2022-27442"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-04T21:15:00Z",
"severity": "HIGH"
},
"details": "TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information such as the administrator\u0027s user name and password.",
"id": "GHSA-qm7j-j8v5-52qc",
"modified": "2022-04-13T00:00:46Z",
"published": "2022-04-05T00:00:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27442"
},
{
"type": "WEB",
"url": "https://gitee.com/happy_source/tpcms/issues/I3YNWY"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QMV5-F584-5HQG
Vulnerability from github – Published: 2022-05-24 16:52 – Updated: 2024-04-04 01:30cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename (SEC-296).
{
"affected": [],
"aliases": [
"CVE-2017-18412"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-08-02T14:15:00Z",
"severity": "LOW"
},
"details": "cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename (SEC-296).",
"id": "GHSA-qmv5-f584-5hqg",
"modified": "2024-04-04T01:30:32Z",
"published": "2022-05-24T16:52:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18412"
},
{
"type": "WEB",
"url": "https://documentation.cpanel.net/display/CL/68+Change+Log"
},
{
"type": "WEB",
"url": "https://news.cpanel.com/cpanel-tsr-2017-0005-full-disclosure"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QP45-7VJC-WWC4
Vulnerability from github – Published: 2023-09-08 03:30 – Updated: 2024-04-04 07:33An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors.
We have already fixed the vulnerability in the following version: Windows 10 SP1, Windows 11, Mac OS, and Mac M1: QVR Pro Client 2.3.0.0420 and later
{
"affected": [],
"aliases": [
"CVE-2022-27599"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-08T02:15:07Z",
"severity": "MODERATE"
},
"details": "An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors.\n\nWe have already fixed the vulnerability in the following version:\nWindows 10 SP1, Windows 11, Mac OS, and Mac M1: QVR Pro Client 2.3.0.0420 and later\n",
"id": "GHSA-qp45-7vjc-wwc4",
"modified": "2024-04-04T07:33:41Z",
"published": "2023-09-08T03:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27599"
},
{
"type": "WEB",
"url": "https://www.qnap.com/en/security-advisory/qsa-23-08"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QP5W-V6QC-VX8V
Vulnerability from github – Published: 2025-07-17 18:31 – Updated: 2025-07-24 21:30An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely logged each url that Safari accessed when the plugin was active. These logs went into the MacOS general logs for any unsandboxed process to read. This may be disabled in version 1.11.22.
{
"affected": [],
"aliases": [
"CVE-2025-51497"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-17T18:15:27Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely logged each url that Safari accessed when the plugin was active. These logs went into the MacOS general logs for any unsandboxed process to read. This may be disabled in version 1.11.22.",
"id": "GHSA-qp5w-v6qc-vx8v",
"modified": "2025-07-24T21:30:38Z",
"published": "2025-07-17T18:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-51497"
},
{
"type": "WEB",
"url": "https://adguard.com/en/adguard-safari/overview.html"
},
{
"type": "WEB",
"url": "https://github.com/AdguardTeam/AdGuardForSafari"
},
{
"type": "WEB",
"url": "https://www.mcrich23.com/post/adguard-messed-up-their-logging"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.