Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2019-09-25 CVE-2019-6656 Information Exposure Through Log Files vulnerability in F5 products
BIG-IP APM Edge Client before version 7.1.8 (7180.2019.508.705) logs the full apm session ID in the log files.
network
low complexity
f5 CWE-532
7.5
2019-09-18 CVE-2019-5532 Information Exposure Through Log Files vulnerability in VMWare Vcenter Server 6.0/6.5/6.7
VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF.
network
low complexity
vmware CWE-532
7.7
2019-09-11 CVE-2019-3763 Information Exposure Through Log Files vulnerability in Dell products
The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an information exposure vulnerability.
local
low complexity
dell CWE-532
7.8
2019-09-10 CVE-2019-11465 Information Exposure Through Log Files vulnerability in Couchbase Server
An issue was discovered in Couchbase Server 5.5.x through 5.5.3 and 6.0.0.
network
low complexity
couchbase CWE-532
5.3
2019-09-09 CVE-2019-11549 Information Exposure Through Log Files vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2.
network
low complexity
gitlab CWE-532
6.5
2019-09-04 CVE-2019-6648 Information Exposure Through Log Files vulnerability in multiple products
On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service (CIS) for Kubernetes and Red Hat OpenShift (k8s-bigip-ctlr) log files may contain BIG-IP secrets such as SSL Private Keys and Private key Passphrases as provided as inputs by an AS3 Declaration.
local
low complexity
f5 redhat CWE-532
4.4
2019-08-29 CVE-2019-11250 Information Exposure Through Log Files vulnerability in multiple products
The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher.
network
low complexity
kubernetes redhat CWE-532
6.5
2019-08-28 CVE-2019-15294 Information Exposure Through Log Files vulnerability in Gallagher Command Centre 8.10
An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092(MR2).
network
low complexity
gallagher CWE-532
critical
9.8
2019-08-22 CVE-2019-5634 Information Exposure Through Log Files vulnerability in Belwith-Keeler Hickory Smart 01.01.40/01.01.43
An inclusion of sensitive information in log files vulnerability is present in Hickory Smart for Android mobile devices from Belwith Products, LLC.
low complexity
belwith-keeler CWE-532
4.3
2019-08-15 CVE-2019-13515 Information Exposure Through Log Files vulnerability in Osisoft PI web API
OSIsoft PI Web API 2018 and prior may allow disclosure of sensitive information.
network
low complexity
osisoft CWE-532
6.5