Vulnerabilities > Information Exposure Through Log Files
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-36649 | Information Exposure Through Log Files vulnerability in Prolion Cryptospike 3.0.15 Insertion of sensitive information in the centralized (Grafana) logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate other users in web management and the REST API by reading JWT tokens from logs (as a Granafa authenticated user) or from the Loki REST API without authentication. | 9.1 |
| 2023-12-04 | CVE-2023-6460 | Information Exposure Through Log Files vulnerability in Google Cloud Firestore A potential logging of the firestore key via logging within nodejs-firestore exists - Developers who were logging objects through this._settings would be logging the firestore key as well potentially exposing it to anyone with logs read access. | 5.5 |
| 2023-11-27 | CVE-2023-6287 | Information Exposure Through Log Files vulnerability in Tribe29 Checkmk Appliance Firmware Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local attacker to retrieve passwords via reading log files. | 5.5 |
| 2023-11-23 | CVE-2023-4677 | Information Exposure Through Log Files vulnerability in Artica Pandora FMS Cron log backup files contain administrator session IDs. | 9.8 |
| 2023-11-22 | CVE-2021-22143 | Information Exposure Through Log Files vulnerability in Elastic APM .Net Agent The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. | 4.3 |
| 2023-11-15 | CVE-2023-46672 | Information Exposure Through Log Files vulnerability in Elastic Logstash 7.12.1/8.10.0 An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances. The prerequisites for the manifestation of this issue are: * Logstash is configured to log in JSON format https://www.elastic.co/guide/en/logstash/current/running-logstash-command-line.html , which is not the default logging format. * Sensitive data is stored in the Logstash keystore and referenced as a variable in Logstash configuration. | 5.5 |
| 2023-11-14 | CVE-2022-46647 | Information Exposure Through Log Files vulnerability in Intel Unison Software 20.14.2.3053/20.14.4244 Insertion of sensitive information into log file for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2023-11-14 | CVE-2023-32283 | Information Exposure Through Log Files vulnerability in Intel on Demand 1.16.1.1/2.1.0.1/3.0.1.3 Insertion of sensitive information into log file in some Intel(R) On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2023-11-11 | CVE-2023-47390 | Information Exposure Through Log Files vulnerability in Juanfont Headscale Headscale through 0.22.3 writes bearer tokens to info-level logs. | 7.5 |
| 2023-11-07 | CVE-2023-0436 | Information Exposure Through Log Files vulnerability in Mongodb Atlas Kubernetes Operator The affected versions of MongoDB Atlas Kubernetes Operator may print sensitive information like GCP service account keys and API integration secrets while DEBUG mode logging is enabled. | 7.5 |