Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2017-02-01 CVE-2016-0296 Information Exposure Through Log Files vulnerability in IBM Bigfix Platform
IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive information in log files that could be available to a local user.
local
low complexity
ibm CWE-532
3.3
2017-01-31 CVE-2015-8977 Information Exposure Through Log Files vulnerability in Mybb Merge System and Mybb
MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files.
network
low complexity
mybb CWE-532
7.5
2017-01-13 CVE-2016-9882 Information Exposure Through Log Files vulnerability in Cloudfoundry Capi-Release and Cf-Release
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v250 and CAPI-release versions prior to v1.12.0.
network
low complexity
cloudfoundry CWE-532
7.5
2016-12-14 CVE-2016-4443 Information Exposure Through Log Files vulnerability in Redhat Enterprise Virtualization 3.6
Red Hat Enterprise Virtualization (RHEV) Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file.
local
low complexity
redhat CWE-532
5.5
2016-11-30 CVE-2016-2943 Information Exposure Through Log Files vulnerability in IBM Bigfix Remote Control 9.1.2
IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by leveraging unspecified privileges to read a log file.
local
high complexity
ibm CWE-532
1.9
2016-11-25 CVE-2016-2928 Information Exposure Through Log Files vulnerability in IBM Bigfix Remote Control 9.1.2
IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to obtain sensitive information by reading error logs.
network
low complexity
ibm CWE-532
4.3
2016-11-25 CVE-2016-5967 Information Exposure Through Log Files vulnerability in IBM Rational Asset Analyzer
The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 before FP10 allows local users to discover the WAS Admin password by reading IM native logs.
local
low complexity
ibm CWE-532
5.5
2016-10-03 CVE-2016-5432 Information Exposure Through Log Files vulnerability in Redhat Enterprise Virtualization 4.0
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files.
local
low complexity
redhat CWE-532
3.3
2016-05-31 CVE-2016-0879 Information Exposure Through Log Files vulnerability in Moxa Edr-G903 Firmware
Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL.
network
low complexity
moxa CWE-532
7.5
2016-05-31 CVE-2016-0875 Information Exposure Through Log Files vulnerability in Moxa Edr-G903 Firmware
Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL.
network
low complexity
moxa CWE-532
7.5