CWE-532
Insertion of Sensitive Information into Log File
Description
The product writes sensitive information to a log file.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-215
CVEs mapped to this weakness (485)
page 5 of 25

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-9882 | | High | 0.49 | 7.5 | 0.02 | | Jan 13, 2017 | An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI-release versions prior to v1.12.0. Cloud Foundry logs the credentials returned from service brokers in Cloud Controller system component logs. These logs are written to disk and often… |
| CVE-2016-0879 | | High | 0.49 | 7.5 | 0.02 | | May 31, 2016 | Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL. |
| CVE-2016-0875 | | High | 0.49 | 7.5 | 0.02 | | May 31, 2016 | Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL. |
| CVE-2013-4733 | | High | 0.49 | 7.5 | 0.02 | | Jun 30, 2013 | The web server on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 allows remote attackers to obtain sensitive configuration and status information by reading log files. |
| CVE-2025-41690 | — | High | 0.48 | 7.4 | 0.00 | | Sep 2, 2025 | A low-privileged attacker in bluetooth range may be able to access the password of a higher-privilege user (Maintenance) by viewing the device’s event log. This vulnerability could allow the Operator to authenticate as the Maintenance user, thereby gaining unauthorized access… |
| CVE-2026-32996 | | High | 0.47 | — | 0.00 | | May 28, 2026 | This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation. |
| CVE-2026-20205 | | High | 0.47 | 7.2 | 0.00 | | Apr 15, 2026 | In Splunk MCP Server app versions below 1.0.3, a user who holds a role with access to the Splunk `_internal` index or possesses the high-privilege capability `mcp_tool_admin` could view users session and authorization tokens in clear text. The vulnerability would require… |
| CVE-2017-15113 | | High | 0.47 | 7.2 | 0.01 | | Jul 27, 2018 | ovirt-engine before version 4.1.7.6 with log level set to DEBUG includes passwords in the log file without masking. Only administrators can change the log level and only administrators can access the logs. This presents a risk when debug-level logs are shared with vendors or… |
| CVE-2025-31479 | | High | 0.46 | 8.2 | 0.01 | | Apr 2, 2025 | canonical/get-workflow-version-action is a GitHub composite action to get commit SHA that GitHub Actions reusable workflow was called with. Prior to 1.0.1, if the get-workflow-version-action step fails, the exception output may include the GITHUB_TOKEN. If the full token is… |
| CVE-2025-54064 | | Medium | 0.45 | — | 0.00 | | Jul 17, 2025 | Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. The common Rucio helm-charts for the `rucio-server`, `rucio-ui`, and `rucio-webui` define the log format for the apache access… |
| CVE-2021-21508 | | Medium | 0.44 | 6.7 | 0.00 | | May 22, 2026 | Dell VxRail versions before 7.0.200 contain a Plain-text Password Storage Vulnerability in VxRail Manager. A sys-admin user may exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access… |
| CVE-2025-14437 | | High | 0.44 | 7.5 | 0.02 | | Dec 18, 2025 | The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.18.0 via the 'request' function. This makes it possible for unauthenticated attackers to extract sensitive data including Cloudflare API… |
| CVE-2025-8864 | — | Medium | 0.44 | — | 0.00 | | Aug 11, 2025 | Shared Access Signature token is not masked in the backup configuration response and is also exposed in the yb_backup logs |
| CVE-2025-7371 | | Medium | 0.44 | 6.8 | 0.00 | | Jul 22, 2025 | Okta On-Premises Provisioning (OPP) agents log certain user data during administrator-initiated password resets. This vulnerability allows an attacker with access to the local servers running OPP agents to retrieve user personal information and temporary passwords created during… |
| CVE-2024-32757 | — | Medium | 0.44 | 6.8 | 0.00 | | Jul 2, 2024 | Under certain circumstances unnecessary user details are provided within system logs |
| CVE-2024-27157 | | Medium | 0.44 | 6.8 | 0.00 | | Jun 14, 2024 | The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL. |
| CVE-2024-27156 | — | Medium | 0.44 | 6.8 | 0.00 | | Jun 14, 2024 | The session cookies, used for authentication, are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference… |
| CVE-2024-22440 | | Medium | 0.44 | 6.8 | 0.00 | | Apr 17, 2024 | A potential security vulnerability has been identified in HPE Compute Scale-up Server 3200 server. This vulnerability could cause disclosure of sensitive information in log files. |
| CVE-2025-43937 | | Medium | 0.43 | 6.6 | 0.00 | | Apr 16, 2026 | Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The… |
| CVE-2012-0814 | | Medium | 0.43 | 6.5 | 0.04 | | Jan 27, 2012 | The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by… |