Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2018-12-03 CVE-2018-14700 Information Exposure Through Log Files vulnerability in Drobo 5N2 Firmware 4.0.513.28.96115
Incorrect access control in the /mysql/api/logfile.php endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to retrieve MySQL log files via the "name" URL parameter.
network
low complexity
drobo CWE-532
7.5
2018-11-29 CVE-2018-16859 Information Exposure Through Log Files vulnerability in Redhat Ansible Engine
Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext.
local
low complexity
redhat CWE-532
4.4
2018-11-27 CVE-2018-16095 Information Exposure Through Log Files vulnerability in Lenovo System Management Module Firmware 1.05
In System Management Module (SMM) versions prior to 1.06, the SMM records hashed passwords to a debug log when user authentication fails.
network
high complexity
lenovo CWE-532
5.9
2018-11-02 CVE-2018-1876 Information Exposure Through Log Files vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0
IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation.
local
low complexity
ibm CWE-532
5.5
2018-11-02 CVE-2018-17922 Information Exposure Through Log Files vulnerability in Circontrol Circarlife Firmware 4.3
Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication.
network
low complexity
circontrol CWE-532
critical
9.8
2018-11-02 CVE-2018-1788 Information Exposure Through Log Files vulnerability in IBM Spectrum Protect Server
IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace logs to a local privileged user.
local
low complexity
ibm CWE-532
4.4
2018-10-23 CVE-2018-17447 Information Exposure Through Log Files vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
network
low complexity
citrix CWE-532
7.5
2018-10-05 CVE-2018-15763 Information Exposure Through Log Files vulnerability in Pivotal Software Pivotal Container Service
Pivotal Container Service, versions prior to 1.2.0, contains an information disclosure vulnerability which exposes IaaS credentials to application logs.
network
low complexity
pivotal-software CWE-532
8.8
2018-10-05 CVE-2018-1264 Information Exposure Through Log Files vulnerability in Pivotal Software Cloud Foundry LOG Cache 0.1/1.0.0
Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client secret on startup as part of its envstruct report.
network
low complexity
pivotal-software CWE-532
critical
9.8
2018-10-04 CVE-2018-0504 Information Exposure Through Log Files vulnerability in multiple products
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an information disclosure flaw in the Special:Redirect/logid
network
low complexity
mediawiki debian CWE-532
6.5