Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-04 | CVE-2024-20440 | Information Exposure Through Log Files vulnerability in Cisco Smart License Utility 2.0.0/2.1.0/2.2.0 A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to excessive verbosity in a debug log file. | 7.5 |
| 2024-09-02 | CVE-2024-8365 | Information Exposure Through Log Files vulnerability in Hashicorp Vault Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors, was removed. | 6.5 |
| 2024-08-22 | CVE-2024-42056 | Information Exposure Through Log Files vulnerability in Retool Retool (self-hosted enterprise) through 3.40.0 inserts resource authentication credentials into sent data. | 6.5 |
| 2024-08-14 | CVE-2024-41719 | Information Exposure Through Log Files vulnerability in F5 Big-Ip Next Central Manager When generating QKView of BIG-IP Next instance from the BIG-IP Next Central Manager (CM), F5 iHealth credentials will be logged in the BIG-IP Central Manager logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 5.5 |
| 2024-08-13 | CVE-2024-41978 | Information Exposure Through Log Files vulnerability in Siemens products A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). | 6.5 |
| 2024-08-05 | CVE-2024-40096 | Information Exposure Through Log Files vulnerability in RD Labs LLC WHO 15.0 The com.cascadialabs.who (aka Who - Caller ID, Spam Block) application 15.0 for Android places sensitive information in the system log. | 3.3 |
| 2024-08-03 | CVE-2024-37286 | Information Exposure Through Log Files vulnerability in Elastic APM Server APM server logs contain document body from a partially failed bulk index request. | 6.5 |
| 2024-08-03 | CVE-2024-38321 | Information Exposure Through Log Files vulnerability in IBM Business Automation Workflow IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations that could be read by an authenticated user. | 6.5 |
| 2024-08-02 | CVE-2024-42349 | Information Exposure Through Log Files vulnerability in Fogproject FOG is a cloning/imaging/rescue suite/inventory management system. | 5.3 |
| 2024-08-01 | CVE-2024-6687 | Information Exposure Through Log Files vulnerability in Thisfunctional CTT Expresso Para Woocommerce The CTT Expresso para WooCommerce plugin for WordPress is vulnerable to sensitive information exposure in all versions up to and including 3.2.12 via the /wp-content/uploads/cepw directory. | 7.5 |