Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2023-03-24 CVE-2021-3684 Information Exposure Through Log Files vulnerability in Redhat Openshift Assisted Installer
A vulnerability was found in OpenShift Assisted Installer.
local
low complexity
redhat CWE-532
5.5
2023-03-23 CVE-2023-20859 Information Exposure Through Log Files vulnerability in VMWare products
In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token.
local
low complexity
vmware CWE-532
5.5
2023-03-21 CVE-2023-25687 Information Exposure Through Log Files vulnerability in IBM Security KEY Lifecycle Manager
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an authenticated user to obtain sensitive information from log files.
network
low complexity
ibm CWE-532
4.3
2023-02-27 CVE-2023-23505 Information Exposure Through Log Files vulnerability in Apple products
A privacy issue was addressed with improved private data redaction for log entries.
local
low complexity
apple CWE-532
3.3
2023-02-23 CVE-2023-0815 Information Exposure Through Log Files vulnerability in Opennms Horizon
Potential Insertion of Sensitive Information into Jetty Log Files in multiple versions of OpenNMS Meridian and Horizon could allow disclosure of usernames and passwords if the logging level is set to debug. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4.
network
low complexity
opennms CWE-532
6.5
2023-02-20 CVE-2022-48319 Information Exposure Through Log Files vulnerability in Checkmk 2.0.0/2.1.0
Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29's Checkmk <= 2.1.0p13, Checkmk <= 2.0.0p29, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to gain access to the host secret through the unprotected agent updater log file.
local
low complexity
checkmk CWE-532
5.5
2023-02-17 CVE-2022-43930 Information Exposure Through Log Files vulnerability in IBM DB2 10.5/11.1/11.5
IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file.
network
low complexity
ibm CWE-532
7.5
2023-02-16 CVE-2022-43954 Information Exposure Through Log Files vulnerability in Fortinet Fortiportal 7.0.0/7.0.1/7.0.2
An insertion of sensitive information into log file vulnerability [CWE-532] in the FortiPortal management interface 7.0.0 through 7.0.2 may allow a remote authenticated attacker to read other devices' passwords in the audit log page.
network
low complexity
fortinet CWE-532
6.5
2023-02-13 CVE-2023-22362 Information Exposure Through Log Files vulnerability in Akindo-Sushiro products
SUSHIRO App for Android outputs sensitive information to the log file, which may result in an attacker obtaining a credential information from the log file.
network
low complexity
akindo-sushiro CWE-532
7.5
2023-02-09 CVE-2023-21435 Information Exposure Through Log Files vulnerability in Samsung Android 11.0/12.0
Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log.
local
low complexity
samsung CWE-532
5.5