Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-22 | CVE-2023-25682 | Information Exposure Through Log Files vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. | 5.5 |
| 2023-11-22 | CVE-2021-22143 | Information Exposure Through Log Files vulnerability in Elastic APM .Net Agent The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. | 4.3 |
| 2023-11-15 | CVE-2023-46672 | Information Exposure Through Log Files vulnerability in Elastic Logstash 7.12.1/8.10.0 An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances. The prerequisites for the manifestation of this issue are: * Logstash is configured to log in JSON format https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html , which is not the default logging format. * Sensitive data is stored in the Logstash keystore and referenced as a variable in Logstash configuration. | 5.5 |
| 2023-11-14 | CVE-2022-46647 | Information Exposure Through Log Files vulnerability in Intel Unison Software 20.14.2.3053/20.14.4244 Insertion of sensitive information into log file for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2023-11-14 | CVE-2023-32283 | Information Exposure Through Log Files vulnerability in Intel on Demand 1.16.1.1/2.1.0.1/3.0.1.3 Insertion of sensitive information into log file in some Intel(R) On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2023-11-14 | CVE-2023-45585 | Information Exposure Through Log Files vulnerability in Fortinet Fortisiem An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, version 5.3.3 and below may allow an authenticated user to view an encrypted ElasticSearch password via debug log files generated when FortiSIEM is configured with ElasticSearch Event Storage. | 3.3 |
| 2023-11-11 | CVE-2023-47390 | Information Exposure Through Log Files vulnerability in Juanfont Headscale Headscale through 0.22.3 writes bearer tokens to info-level logs. | 7.5 |
| 2023-11-07 | CVE-2023-0436 | Information Exposure Through Log Files vulnerability in Mongodb Atlas Kubernetes Operator The affected versions of MongoDB Atlas Kubernetes Operator may print sensitive information like GCP service account keys and API integration secrets while DEBUG mode logging is enabled. | 7.5 |
| 2023-10-31 | CVE-2023-46255 | Information Exposure Through Log Files vulnerability in Authzed Spicedb SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. | 6.5 |
| 2023-10-30 | CVE-2023-21387 | Information Exposure Through Log Files vulnerability in Google Android In User Backup Manager, there is a possible way to leak a token to bypass user confirmation for backup due to log information disclosure. | 4.4 |