Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2021-02-11 CVE-2021-25688 Information Exposure Through LOG Files vulnerability in Teradici Pcoip Graphics Agent and Pcoip Standard Agent
Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents for Linux prior to version 21.01.0 may log parts of a user's password in the application logs.
local
low complexity
teradici CWE-532
2.1
2021-02-10 CVE-2021-22133 Information Exposure Through LOG Files vulnerability in Elastic APM Agent
The Elastic APM agent for Go versions before 1.11.0 can leak sensitive HTTP header information when logging the details during an application panic.
low complexity
elastic CWE-532
2.7
2021-02-10 CVE-2020-7021 Information Exposure Through LOG Files vulnerability in Elastic Elasticsearch
Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled.
network
low complexity
elastic CWE-532
4.0
2021-02-08 CVE-2021-20359 Information Exposure Through LOG Files vulnerability in IBM Cloud PAK for Automation 20.0.2/20.0.3
IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 - Business Automation Application Designer Component stores potentially sensitive information in log files that could be obtained by an unauthorized user.
network
low complexity
ibm CWE-532
4.0
2021-01-13 CVE-2021-1226 Information Exposure Through LOG Files vulnerability in Cisco products
A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, Cisco Emergency Responder, and Cisco Prime License Manager could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system.
network
low complexity
cisco CWE-532
4.0
2021-01-13 CVE-2021-3032 Information Exposure Through LOG Files vulnerability in Paloaltonetworks Pan-Os
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the “http”, “email”, and “snmptrap” v3 log forwarding server profiles can be logged to the logrcvr.log system log.
local
low complexity
paloaltonetworks CWE-532
2.1
2021-01-05 CVE-2020-26199 Information Exposure Through LOG Files vulnerability in Dell products
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contain a plain-text password storage vulnerability.
local
low complexity
dell CWE-532
2.1
2020-12-15 CVE-2020-0476 Information Exposure Through LOG Files vulnerability in Google Android 11.0
In onNotificationRemoved of Assistant.java, there is a possible leak of sensitive information to logs.
local
low complexity
google CWE-532
2.1
2020-12-14 CVE-2020-35234 Information Exposure Through LOG Files vulnerability in Wp-Ecommerce Easy WP Smtp
The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as exploited in the wild in December 2020.
network
low complexity
wp-ecommerce CWE-532
5.0
2020-12-07 CVE-2020-8566 Information Exposure Through LOG Files vulnerability in Kubernetes
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs.
local
low complexity
kubernetes CWE-532
2.1