VYPR

CWE-778

Insufficient Logging

BaseDraftLikelihood: Medium

Description

When a security-critical event occurs, the product either does not record the event or omits important details about the event when logging it.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (8)

  • CVE-2024-48967CriNov 14, 2024
    risk 0.65cvss 10.0epss 0.01

    The ventilator and the Service PC lack sufficient audit logging capabilities to allow for detection of malicious activity and subsequent forensic examination. An attacker with access to the ventilator and/or the Service PC could, without detection, make unauthorized changes to…

  • CVE-2025-52644MedMar 16, 2026
    risk 0.38cvss 5.8epss 0.00

    HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged. The absence of proper auditing mechanisms may reduce traceability of user activities and could potentially impact monitoring, accountability, or incident investigation…

  • CVE-2025-53498MedJul 7, 2025
    risk 0.34cvss 5.3epss 0.00

    Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2.

  • CVE-2024-10863MedNov 22, 2024
    risk 0.33cvss epss 0.00

    : Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before <24.4. End-users can potentially exploit the vulnerability to exclude audit trails from being recorded…

  • CVE-2026-32803LowMay 8, 2026
    risk 0.21cvss 3.3epss 0.00

    Dell PowerScale OneFS versions 9.5.0.0 through 9.5.1.6, 9.6.0.0 through 9.7.1.13, 9.8.0.0 through 9.10.1.5 and 9.11.0.0 through 9.12.0.1 contains an Insufficient Logging vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability,…

  • CVE-2026-9247LowMay 22, 2026
    risk 0.16cvss 2.4epss 0.00

    Insufficient logging in the entry export feature in Devolutions Server allows an authenticated user with export permissions to export a sealed entry without triggering the unseal notification to administrators via a crafted export request. This issue affects : * Devolutions…

  • CVE-2026-25598Feb 9, 2026
    risk 0.00cvss epss 0.00

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action (Community Tier) that allows outbound network connections to evade audit logging.…

  • CVE-2019-8123Nov 5, 2019
    risk 0.00cvss epss 0.01

    An insufficient logging and monitoring vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. The logging feature required for effective monitoring did not contain sufficent data to…