Vulnerabilities > Information Exposure Through Log Files

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2022-46647 Information Exposure Through Log Files vulnerability in Intel Unison Software 20.14.2.3053/20.14.4244
Insertion of sensitive information into log file for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-532
5.5
2023-11-14 CVE-2023-32283 Information Exposure Through Log Files vulnerability in Intel on Demand 1.16.1.1/2.1.0.1/3.0.1.3
Insertion of sensitive information into log file in some Intel(R) On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-532
5.5
2023-11-11 CVE-2023-47390 Information Exposure Through Log Files vulnerability in Juanfont Headscale
Headscale through 0.22.3 writes bearer tokens to info-level logs.
network
low complexity
juanfont CWE-532
7.5
2023-11-07 CVE-2023-0436 Information Exposure Through Log Files vulnerability in Mongodb Atlas Kubernetes Operator
The affected versions of MongoDB Atlas Kubernetes Operator may print sensitive information like GCP service account keys and API integration secrets while DEBUG mode logging is enabled.
network
low complexity
mongodb CWE-532
7.5
2023-10-30 CVE-2023-21387 Information Exposure Through Log Files vulnerability in Google Android
In User Backup Manager, there is a possible way to leak a token to bypass user confirmation for backup due to log information disclosure.
local
low complexity
google CWE-532
4.4
2023-10-26 CVE-2023-31417 Information Exposure Through Log Files vulnerability in Elastic Elasticsearch
Elasticsearch generally filters out sensitive information and credentials before logging to the audit log.
local
low complexity
elastic CWE-532
4.4
2023-10-26 CVE-2023-31422 Information Exposure Through Log Files vulnerability in Elastic Kibana 8.10.0
An issue was discovered by Elastic whereby sensitive information is recorded in Kibana logs in the event of an error.
network
low complexity
elastic CWE-532
7.5
2023-10-26 CVE-2023-46667 Information Exposure Through Log Files vulnerability in Elastic Fleet Server 8.10.0/8.10.2
An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where Agent enrolment tokens are being inserted into the Fleet Server’s log file in plain text.
network
low complexity
elastic CWE-532
8.1
2023-10-26 CVE-2023-46668 Information Exposure Through Log Files vulnerability in Elastic Endpoint 7.9.0/8.10.3
If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext.
network
low complexity
elastic CWE-532
critical
9.1
2023-10-25 CVE-2023-40405 Information Exposure Through Log Files vulnerability in Apple Macos 14.0
A privacy issue was addressed with improved private data redaction for log entries.
local
low complexity
apple CWE-532
3.3