Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-26 | CVE-2023-46667 | Information Exposure Through Log Files vulnerability in Elastic Fleet Server 8.10.0/8.10.2 An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where Agent enrolment tokens are being inserted into the Fleet Server’s log file in plain text. | 8.1 |
| 2023-10-26 | CVE-2023-46668 | Information Exposure Through Log Files vulnerability in Elastic Endpoint 7.9.0/8.10.3 If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. | 9.1 |
| 2023-10-25 | CVE-2023-40405 | Information Exposure Through Log Files vulnerability in Apple Macos 14.0 A privacy issue was addressed with improved private data redaction for log entries. | 3.3 |
| 2023-10-25 | CVE-2023-40425 | Information Exposure Through Log Files vulnerability in Apple Macos A privacy issue was addressed with improved private data redaction for log entries. | 4.4 |
| 2023-10-25 | CVE-2023-41254 | Information Exposure Through Log Files vulnerability in Apple products A privacy issue was addressed with improved private data redaction for log entries. | 5.5 |
| 2023-10-25 | CVE-2023-42857 | Information Exposure Through Log Files vulnerability in Apple Ipados and Macos A privacy issue was addressed with improved private data redaction for log entries. | 3.3 |
| 2023-10-19 | CVE-2023-45809 | Information Exposure Through Log Files vulnerability in Torchbox Wagtail Wagtail is an open source content management system built on Django. | 2.7 |
| 2023-10-19 | CVE-2023-45825 | Information Exposure Through Log Files vulnerability in YDB Ydb-Go-Sdk 3.48.6 ydb-go-sdk is a pure Go native and database/sql driver for the YDB platform. | 5.5 |
| 2023-10-17 | CVE-2023-5339 | Information Exposure Through Log Files vulnerability in Mattermost Desktop Mattermost Desktop fails to set an appropriate log level during initial run after fresh installation resulting in logging all keystrokes including password entry being logged. | 5.5 |
| 2023-10-13 | CVE-2023-40682 | Information Exposure Through Log Files vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs. | 4.4 |