Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2024-10-16 CVE-2023-22649 Information Exposure Through Log Files vulnerability in Suse Rancher 2.7.0/2.7.1/2.7.4
A vulnerability has been identified which may lead to sensitive data being leaked into Rancher's audit logs.
network
low complexity
suse CWE-532
6.5
2024-10-14 CVE-2024-45738 Information Exposure Through Log Files vulnerability in Splunk
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensitive HTTP parameters to the `_internal` index.
network
low complexity
splunk CWE-532
4.9
2024-10-14 CVE-2024-45739 Information Exposure Through Log Files vulnerability in Splunk
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users.
network
low complexity
splunk CWE-532
4.9
2024-10-14 CVE-2024-38862 Information Exposure Through Log Files vulnerability in Checkmk 2.1.0/2.2.0
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35, <2.1.0p48 and <=2.0.0p39 (EOL) causes SNMP and IMPI secrets of host and folder properties to be written to audit log files accessible to administrators.
local
low complexity
checkmk CWE-532
4.4
2024-10-09 CVE-2024-8264 Information Exposure Through Log Files vulnerability in Fortra Robot Schedule
Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the agent log file when detailed logging is enabled.
local
low complexity
fortra CWE-532
5.5
2024-10-08 CVE-2024-47822 Information Exposure Through Log Files vulnerability in Monospace Directus
Directus is a real-time API and App dashboard for managing SQL database content.
local
low complexity
monospace CWE-532
4.2
2024-10-02 CVE-2024-20490 Information Exposure Through Log Files vulnerability in Cisco products
A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco Nexus Dashboard Orchestrator (NDO) could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in an internal log that is stored in the tech support file.
network
low complexity
cisco CWE-532
8.6
2024-10-02 CVE-2024-20491 Information Exposure Through Log Files vulnerability in Cisco products
A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because remote controller credentials are recorded in an internal log that is stored in the tech support file.
network
low complexity
cisco CWE-532
8.6
2024-09-27 CVE-2024-8609 Information Exposure Through Log Files vulnerability in Oceanicsoft Valeapp
Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information.This issue affects ValeApp: before v2.0.0.
network
low complexity
oceanicsoft CWE-532
7.5
2024-09-26 CVE-2022-49037 Information Exposure Through Log Files vulnerability in Synology Drive Client
Insertion of sensitive information into log file vulnerability in proxy settings component in Synology Drive Client before 3.3.0-15082 allows remote authenticated users to obtain sensitive information via unspecified vectors.
network
low complexity
synology CWE-532
6.5