Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-05 | CVE-2018-19786 | Information Exposure Through Log Files vulnerability in Hashicorp Vault HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being reported. | 8.1 |
| 2018-12-03 | CVE-2018-14700 | Information Exposure Through Log Files vulnerability in Drobo 5N2 Firmware 4.0.513.28.96115 Incorrect access control in the /mysql/api/logfile.php endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to retrieve MySQL log files via the "name" URL parameter. | 7.5 |
| 2018-11-29 | CVE-2018-16859 | Information Exposure Through Log Files vulnerability in Redhat Ansible Engine Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. | 4.4 |
| 2018-11-27 | CVE-2018-16095 | Information Exposure Through Log Files vulnerability in Lenovo System Management Module Firmware 1.05 In System Management Module (SMM) versions prior to 1.06, the SMM records hashed passwords to a debug log when user authentication fails. | 5.9 |
| 2018-11-02 | CVE-2018-1876 | Information Exposure Through Log Files vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0 IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. | 5.5 |
| 2018-11-02 | CVE-2018-17922 | Information Exposure Through Log Files vulnerability in Circontrol Circarlife Firmware 4.3 Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication. | 9.8 |
| 2018-11-02 | CVE-2018-1788 | Information Exposure Through Log Files vulnerability in IBM Spectrum Protect Server IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace logs to a local privileged user. | 4.4 |
| 2018-10-23 | CVE-2018-17447 | Information Exposure Through Log Files vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | 7.5 |
| 2018-10-05 | CVE-2018-15763 | Information Exposure Through Log Files vulnerability in Pivotal Software Pivotal Container Service Pivotal Container Service, versions prior to 1.2.0, contains an information disclosure vulnerability which exposes IaaS credentials to application logs. | 8.8 |
| 2018-10-05 | CVE-2018-1264 | Information Exposure Through Log Files vulnerability in Pivotal Software Cloud Foundry LOG Cache 0.1/1.0.0 Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client secret on startup as part of its envstruct report. | 9.8 |