CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1739 vulnerabilities reference this CWE, most recent first.
GHSA-R5H8-Q4JM-864X
Vulnerability from github – Published: 2024-10-28 21:30 – Updated: 2024-10-30 18:30A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15. An app may be able to read sensitive location information.
{
"affected": [],
"aliases": [
"CVE-2024-27849"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-28T21:15:04Z",
"severity": "LOW"
},
"details": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15. An app may be able to read sensitive location information.",
"id": "GHSA-r5h8-q4jm-864x",
"modified": "2024-10-30T18:30:46Z",
"published": "2024-10-28T21:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27849"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/121238"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R658-8HFR-MHC6
Vulnerability from github – Published: 2022-05-13 01:48 – Updated: 2022-05-13 01:48Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an information disclosure vulnerability.
{
"affected": [],
"aliases": [
"CVE-2018-0042"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-11T18:29:00Z",
"severity": "CRITICAL"
},
"details": "Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an information disclosure vulnerability.",
"id": "GHSA-r658-8hfr-mhc6",
"modified": "2022-05-13T01:48:17Z",
"published": "2022-05-13T01:48:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0042"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA10872"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R69R-G3MG-H539
Vulnerability from github – Published: 2024-10-10 00:31 – Updated: 2024-10-10 00:31Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the agent log file when detailed logging is enabled.
{
"affected": [],
"aliases": [
"CVE-2024-8264"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-09T23:15:11Z",
"severity": "MODERATE"
},
"details": "Fortra\u0027s Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the agent log file when detailed logging is enabled.",
"id": "GHSA-r69r-g3mg-h539",
"modified": "2024-10-10T00:31:06Z",
"published": "2024-10-10T00:31:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8264"
},
{
"type": "WEB",
"url": "https://hstechdocs.helpsystems.com/releasenotes/Content/_ProductPages/Robot/RobotScheduleEnterprise.htm"
},
{
"type": "WEB",
"url": "https://www.fortra.com/security/advisories/product-security/fi-2024-012"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R6C5-VPH6-7C4M
Vulnerability from github – Published: 2025-08-14 15:30 – Updated: 2025-08-14 15:30Dell OpenManage Enterprise, versions 3.10, 4.0, 4.1, and 4.2, contains an Insertion of Sensitive Information into Log File vulnerability in the Backup and Restore. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
{
"affected": [],
"aliases": [
"CVE-2025-38745"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-14T15:15:34Z",
"severity": "MODERATE"
},
"details": "Dell OpenManage Enterprise, versions 3.10, 4.0, 4.1, and 4.2, contains an Insertion of Sensitive Information into Log File vulnerability in the Backup and Restore. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.",
"id": "GHSA-r6c5-vph6-7c4m",
"modified": "2025-08-14T15:30:45Z",
"published": "2025-08-14T15:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38745"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000356351/dsa-2025-314-security-update-for-dell-openmanage-enterprise-vulnerability"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R6FG-PRGW-3FF5
Vulnerability from github – Published: 2023-11-15 09:30 – Updated: 2025-02-13 18:32An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances.
The prerequisites for the manifestation of this issue are:
-
Logstash is configured to log in JSON format https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html , which is not the default logging format.
-
Sensitive data is stored in the Logstash keystore and referenced as a variable in Logstash configuration.
{
"affected": [],
"aliases": [
"CVE-2023-46672"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-15T08:15:07Z",
"severity": "HIGH"
},
"details": "An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances.\n\nThe prerequisites for the manifestation of this issue are:\n\n * Logstash is configured to log in JSON format https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html , which is not the default logging format.\n\n\n * Sensitive data is stored in the Logstash keystore and referenced as a variable in Logstash configuration.",
"id": "GHSA-r6fg-prgw-3ff5",
"modified": "2025-02-13T18:32:03Z",
"published": "2023-11-15T09:30:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46672"
},
{
"type": "WEB",
"url": "https://discuss.elastic.co/t/logstash-8-11-1-security-update-esa-2023-26/347191"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20240125-0002"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20240229-0001"
},
{
"type": "WEB",
"url": "https://www.elastic.co/community/security"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R6GC-RV59-H8X2
Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2024-04-04 02:26In the Seesaw Parent and Family application 6.2.5 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
{
"affected": [],
"aliases": [
"CVE-2019-17394"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-10-15T21:15:00Z",
"severity": "CRITICAL"
},
"details": "In the Seesaw Parent and Family application 6.2.5 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.",
"id": "GHSA-r6gc-rv59-h8x2",
"modified": "2024-04-04T02:26:31Z",
"published": "2022-05-24T16:58:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17394"
},
{
"type": "WEB",
"url": "https://pastebin.com/h8v0qxZH"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R794-WG43-VP3F
Vulnerability from github – Published: 2022-05-24 17:47 – Updated: 2022-05-24 17:47An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to use the PAN-OS XML API and exists only when a client includes a duplicate API parameter in API requests. Logged information includes the cleartext username, password, and API key of the administrator making the PAN-OS XML API request.
{
"affected": [],
"aliases": [
"CVE-2021-3036"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-20T04:15:00Z",
"severity": "MODERATE"
},
"details": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to use the PAN-OS XML API and exists only when a client includes a duplicate API parameter in API requests. Logged information includes the cleartext username, password, and API key of the administrator making the PAN-OS XML API request.",
"id": "GHSA-r794-wg43-vp3f",
"modified": "2022-05-24T17:47:57Z",
"published": "2022-05-24T17:47:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3036"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2021-3036"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-R7MG-Q5MV-QG2V
Vulnerability from github – Published: 2025-12-18 15:30 – Updated: 2025-12-18 15:30The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.18.0 via the 'request' function. This makes it possible for unauthenticated attackers to extract sensitive data including Cloudflare API credentials.
{
"affected": [],
"aliases": [
"CVE-2025-14437"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-18T13:15:47Z",
"severity": "HIGH"
},
"details": "The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.18.0 via the \u0027request\u0027 function. This makes it possible for unauthenticated attackers to extract sensitive data including Cloudflare API credentials.",
"id": "GHSA-r7mg-q5mv-qg2v",
"modified": "2025-12-18T15:30:43Z",
"published": "2025-12-18T15:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14437"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3421187/hummingbird-performance"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8755ab3f-ee77-44ea-8620-590f1f1cb333?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R87R-6J6C-XX59
Vulnerability from github – Published: 2022-03-11 00:02 – Updated: 2022-03-19 00:01Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows attacker to access password information of connected WiFiAp in the log
{
"affected": [],
"aliases": [
"CVE-2022-25826"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-10T17:47:00Z",
"severity": "LOW"
},
"details": "Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows attacker to access password information of connected WiFiAp in the log",
"id": "GHSA-r87r-6j6c-xx59",
"modified": "2022-03-19T00:01:33Z",
"published": "2022-03-11T00:02:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25826"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R8MH-6H4V-V5RM
Vulnerability from github – Published: 2022-10-07 18:15 – Updated: 2022-10-11 19:00Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01.13 allows attacker to access device IMEI.
{
"affected": [],
"aliases": [
"CVE-2022-39876"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-10-07T15:15:00Z",
"severity": "LOW"
},
"details": "Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01.13 allows attacker to access device IMEI.",
"id": "GHSA-r8mh-6h4v-v5rm",
"modified": "2022-10-11T19:00:27Z",
"published": "2022-10-07T18:15:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39876"
},
{
"type": "WEB",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.