Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-01 | CVE-2021-3447 | Information Exposure Through Log Files vulnerability in multiple products A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. | 5.5 |
| 2021-03-26 | CVE-2021-22184 | Information Exposure Through Log Files vulnerability in Gitlab An information disclosure issue in GitLab starting from version 12.8 allowed a user with access to the server logs to see sensitive information that wasn't properly redacted. | 5.5 |
| 2021-03-25 | CVE-2021-25350 | Information Exposure Through Log Files vulnerability in Samsung Account 10.7.07/10.8.0.4 Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log. | 3.9 |
| 2021-03-24 | CVE-2021-1442 | Information Exposure Through Log Files vulnerability in Cisco IOS XE A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to the level of an Administrator user (level 15) on an affected device. | 7.8 |
| 2021-03-22 | CVE-2021-22310 | Information Exposure Through Log Files vulnerability in Huawei products There is an information leakage vulnerability in some huawei products. | 4.4 |
| 2021-03-15 | CVE-2021-3167 | Information Exposure Through Log Files vulnerability in Cloudera Data Engineering 1.3.0 In Cloudera Data Engineering (CDE) 1.3.0, JWT authentication tokens are exposed to administrators in virtual cluster server logs. | 6.5 |
| 2021-03-10 | CVE-2021-3034 | Information Exposure Through Log Files vulnerability in Paloaltonetworks Cortex Xsoar An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. | 5.1 |
| 2021-03-09 | CVE-2021-21361 | Information Exposure Through Log Files vulnerability in Vagrant Project Vagrant The `com.bmuschko:gradle-vagrant-plugin` Gradle plugin contains an information disclosure vulnerability due to the logging of the system environment variables. | 6.5 |
| 2021-02-11 | CVE-2021-25688 | Information Exposure Through Log Files vulnerability in Teradici Pcoip Graphics Agent and Pcoip Standard Agent Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents for Linux prior to version 21.01.0 may log parts of a user's password in the application logs. | 5.5 |
| 2021-02-10 | CVE-2021-22133 | Information Exposure Through Log Files vulnerability in Elastic APM Agent The Elastic APM agent for Go versions before 1.11.0 can leak sensitive HTTP header information when logging the details during an application panic. | 2.4 |