CWE-778
AllowedInsufficient Logging
Abstraction: Base · Status: Draft
When a security-critical event occurs, the product either does not record the event or omits important details about the event when logging it.
40 vulnerabilities reference this CWE, most recent first.
CVE-2019-19295 (GCVE-0-2019-19295)
Vulnerability from cvelistv5 – Published: 2020-03-10 19:16 – Updated: 2024-11-18 17:47- CWE-778 - Insufficient Logging
| URL | Tags |
|---|---|
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | Control Center Server (CCS) |
Affected:
All versions < V1.5.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-19295",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-16T20:19:51.942522Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T17:47:21.496Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Control Center Server (CCS)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0). The Control Center Server (CCS) does not enforce logging of\nsecurity-relevant activities in its XML-based communication protocol\nas provided by default on ports 5444/tcp and 5440/tcp.\nAn authenticated remote attacker could exploit this vulnerability to\nperform covert actions that are not visible in the application log."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-778",
"description": "CWE-778: Insufficient Logging",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T09:56:24.293Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19295",
"datePublished": "2020-03-10T19:16:17.000Z",
"dateReserved": "2019-11-26T00:00:00.000Z",
"dateUpdated": "2024-11-18T17:47:21.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19277 (GCVE-0-2019-19277)
Vulnerability from cvelistv5 – Published: 2020-03-10 19:16 – Updated: 2024-08-05 02:09- CWE-778 - Insufficient Logging
| URL | Tags |
|---|---|
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_MISC |
| https://www.us-cert.gov/ics/advisories/icsa-20-042-08 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens AG | SIPORT MP |
Affected:
All versions < 3.1.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-978558.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-08"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SIPORT MP",
"vendor": "Siemens AG",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 3.1.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIPORT MP (All versions \u003c 3.1.4). Vulnerable versions of the device allow the creation of special accounts (\"service users\") with administrative privileges that could enable a remote authenticated attacker to perform actions that are not visible to other users of the system, such as granting persons access to a secured area."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-778",
"description": "CWE-778: Insufficient Logging",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-30T17:26:16.000Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-978558.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-08"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-19277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SIPORT MP",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 3.1.4"
}
]
}
}
]
},
"vendor_name": "Siemens AG"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIPORT MP (All versions \u003c 3.1.4). Vulnerable versions of the device allow the creation of special accounts (\"service users\") with administrative privileges that could enable a remote authenticated attacker to perform actions that are not visible to other users of the system, such as granting persons access to a secured area."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-778: Insufficient Logging"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-978558.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-978558.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-042-08",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-08"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19277",
"datePublished": "2020-03-10T19:16:17.000Z",
"dateReserved": "2019-11-26T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:09:39.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7613 (GCVE-0-2019-7613)
Vulnerability from cvelistv5 – Published: 2019-03-25 18:34 – Updated: 2024-08-04 20:54- CWE-778 - Insufficient Logging
| URL | Tags |
|---|---|
| https://www.elastic.co/community/security | x_refsource_MISC |
| https://discuss.elastic.co/t/elastic-stack-6-6-2-… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:28.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.elastic.co/community/security"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-2-and-5-6-16-security-update/173180"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Logstash",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "before 5.6.16 and 6.6.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient logging flaw. An attacker able to inject certain characters into a log entry could prevent Winlogbeat from recording the event."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-778",
"description": "CWE-778: Insufficient Logging",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-25T18:34:06.000Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.elastic.co/community/security"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-2-and-5-6-16-security-update/173180"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2019-7613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Logstash",
"version": {
"version_data": [
{
"version_value": "before 5.6.16 and 6.6.2"
}
]
}
}
]
},
"vendor_name": "Elastic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient logging flaw. An attacker able to inject certain characters into a log entry could prevent Winlogbeat from recording the event."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-778: Insufficient Logging"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.elastic.co/community/security",
"refsource": "MISC",
"url": "https://www.elastic.co/community/security"
},
{
"name": "https://discuss.elastic.co/t/elastic-stack-6-6-2-and-5-6-16-security-update/173180",
"refsource": "MISC",
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-2-and-5-6-16-security-update/173180"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2019-7613",
"datePublished": "2019-03-25T18:34:06.000Z",
"dateReserved": "2019-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:54:28.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GHSA-2CCX-3VJX-PJ7F
Vulnerability from github – Published: 2024-03-20 15:32 – Updated: 2024-03-20 15:32In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered. An authenticated user could manipulate a request to bypass the logging mechanism within the web application which results in user activity not being logged properly.
{
"affected": [],
"aliases": [
"CVE-2024-2291"
],
"database_specific": {
"cwe_ids": [
"CWE-778"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-20T15:15:08Z",
"severity": "MODERATE"
},
"details": "\nIn Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered.\u00a0 An authenticated user could manipulate a request to bypass the logging mechanism within the web application which results in user activity not being logged properly.",
"id": "GHSA-2ccx-3vjx-pj7f",
"modified": "2024-03-20T15:32:58Z",
"published": "2024-03-20T15:32:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2291"
},
{
"type": "WEB",
"url": "https://community.progress.com/s/article/MOVEit-Transfer-Service-Pack-March-2024"
},
{
"type": "WEB",
"url": "https://www.progress.com/moveit"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2P78-JPPX-G4GP
Vulnerability from github – Published: 2025-03-26 18:30 – Updated: 2025-03-26 21:31Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality.
This issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29.
{
"affected": [],
"aliases": [
"CVE-2025-2562"
],
"database_specific": {
"cwe_ids": [
"CWE-778"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-26T18:15:26Z",
"severity": "MODERATE"
},
"details": "Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality.\n\n\n\n\n\n\n\nThis issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29.",
"id": "GHSA-2p78-jppx-g4gp",
"modified": "2025-03-26T21:31:06Z",
"published": "2025-03-26T18:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2562"
},
{
"type": "WEB",
"url": "https://devolutions.net/security/advisories/DEVO-2025-0005"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-3G3Q-8QFH-J8W8
Vulnerability from github – Published: 2026-05-26 13:30 – Updated: 2026-05-26 13:30Insufficient logging in the entry export feature in Devolutions Server allows an authenticated user with export permissions to export a sealed entry without triggering the unseal notification to administrators via a crafted export request.
This issue affects :
- Devolutions Server 2026.1.6.0 through 2026.1.16.0
- Devolutions Server 2025.3.20.0 and earlier
{
"affected": [],
"aliases": [
"CVE-2026-9247"
],
"database_specific": {
"cwe_ids": [
"CWE-778"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-22T16:16:25Z",
"severity": "LOW"
},
"details": "Insufficient logging in the entry export feature in Devolutions Server allows an authenticated user with export permissions to export a sealed entry without triggering the unseal notification to administrators via a crafted export request.\n\nThis issue affects :\n\n * Devolutions Server 2026.1.6.0 through 2026.1.16.0\n * Devolutions Server 2025.3.20.0 and earlier",
"id": "GHSA-3g3q-8qfh-j8w8",
"modified": "2026-05-26T13:30:19Z",
"published": "2026-05-26T13:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9247"
},
{
"type": "WEB",
"url": "https://devolutions.net/security/advisories/DEVO-2026-0013"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-47FH-X67F-4GJX
Vulnerability from github – Published: 2023-11-07 21:30 – Updated: 2023-11-15 18:30An Information Disclosure vulnerability exists in Opay Mobile application 1.5.1.26 and maybe be higher in the logcat app.
{
"affected": [],
"aliases": [
"CVE-2021-43419"
],
"database_specific": {
"cwe_ids": [
"CWE-778"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-07T21:15:08Z",
"severity": "HIGH"
},
"details": "An Information Disclosure vulnerability exists in Opay Mobile application 1.5.1.26 and maybe be higher in the logcat app.",
"id": "GHSA-47fh-x67f-4gjx",
"modified": "2023-11-15T18:30:21Z",
"published": "2023-11-07T21:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43419"
},
{
"type": "WEB",
"url": "https://github.com/Patrick0x41/Security-Advisories/blob/main/CVE-2021-43419/README.md"
},
{
"type": "WEB",
"url": "https://www.youtube.com/watch?v=HJUj3PgH7Ag"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6JQG-Q6MQ-24MG
Vulnerability from github – Published: 2024-03-04 15:31 – Updated: 2024-03-04 15:31Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period.
{
"affected": [],
"aliases": [
"CVE-2024-24901"
],
"database_specific": {
"cwe_ids": [
"CWE-778"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-04T14:15:41Z",
"severity": "LOW"
},
"details": "Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period.",
"id": "GHSA-6jqg-q6mq-24mg",
"modified": "2024-03-04T15:31:07Z",
"published": "2024-03-04T15:31:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24901"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-8Q9R-C4J3-X28F
Vulnerability from github – Published: 2025-07-07 21:31 – Updated: 2025-07-08 18:31: Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.This issue affects Mediawiki - AbuseFilter Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
{
"affected": [],
"aliases": [
"CVE-2025-53498"
],
"database_specific": {
"cwe_ids": [
"CWE-778"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-07T19:15:23Z",
"severity": "MODERATE"
},
"details": ": Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.This issue affects Mediawiki - AbuseFilter Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.",
"id": "GHSA-8q9r-c4j3-x28f",
"modified": "2025-07-08T18:31:28Z",
"published": "2025-07-07T21:31:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53498"
},
{
"type": "WEB",
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/1166844"
},
{
"type": "WEB",
"url": "https://phabricator.wikimedia.org/T397221"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-95H2-5C4F-CPVP
Vulnerability from github – Published: 2024-11-22 21:32 – Updated: 2024-11-22 21:32: Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before <24.4.
End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.
{
"affected": [],
"aliases": [
"CVE-2024-10863"
],
"database_specific": {
"cwe_ids": [
"CWE-778"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-22T16:15:21Z",
"severity": "MODERATE"
},
"details": ": Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before \u003c24.4.\n\n\n\nEnd-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.",
"id": "GHSA-95h2-5c4f-cpvp",
"modified": "2024-11-22T21:32:14Z",
"published": "2024-11-22T21:32:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10863"
},
{
"type": "WEB",
"url": "https://portal.microfocus.com/s/article/KM000036389?"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation
Use a centralized logging mechanism that supports multiple levels of detail.
Mitigation
Ensure that all security-related successes and failures can be logged. When storing data in the cloud (e.g., AWS S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to enable and capture detailed logging information.
Mitigation
Be sure to set the level of logging appropriately in a production environment. Sufficient data should be logged to enable system administrators to detect attacks, diagnose errors, and recover from attacks. At the same time, logging too much data (CWE-779) can cause the same problems, including unexpected costs when using a cloud environment.
Mitigation
To enable storage logging using Azure's Portal, navigate to the name of the Storage Account, locate Monitoring (CLASSIC) section, and select Diagnostic settings (classic). For each of the various properties (blob, file, table, queue), ensure the status is properly set for the desired logging data. If using PowerShell, the Set-AzStorageServiceLoggingProperty command could be called using appropriate -ServiceType, -LoggingOperations, and -RetentionDays arguments.
No CAPEC attack patterns related to this CWE.