Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-117

CWE-117

Medium likelihood

Improper Output Neutralization for Logs

Parent: CWE-116 - Improper Encoding or Escaping of Output

The product constructs a log message from external input, but it does not neutralize or incorrectly neutralizes special elements when the message is written to a log file.

98 vulnerabilities with CWE-117

CVE-2023-31405 MEDIUM

SAP NetWeaver AS for Java - Info Disclosure

CVE-2023-32712 HIGH

Splunk Enterprise <9.1.0.2, <9.0.5.1, <8.2.11.2 - Code Injection

CVE-2023-1711 MEDIUM

HitachiEnergy FOXMAN-UN and UNEM - Information Disclosure in Logging Component

CVE-2023-0595 MEDIUM

EcoStruxure Geo SCADA Expert <October 2022 - Info Disclosure

CVE-2022-1522 MEDIUM

Cognex 3D-A1000 Dimensioning System <1.0.3 (3354) - Info Disclosure

CVE-2022-32549 MEDIUM

Apache Sling Commons Log <= 5.4.0 & Apache Sling API <= 2.25.0 - Co...

CVE-2022-22151 HIGH

Yokogawa Electric - Info Disclosure

CVE-2021-23266 MEDIUM

Crafter CMS 3.1-3.1.17 - Unauthenticated Log Injection via URL Parameter

CVE-2021-43410 MEDIUM

Apache Airavata Django Portal <3c5d8c7 - Log Injection

CVE-2021-42250 MEDIUM

Apache Superset < 1.3.2 - Authenticated Log Forgery via HTTP Endpoint

CVE-2021-22096 MEDIUM

Spring Framework <5.3.11-<5.2.18 - Info Disclosure

CVE-2021-20333 MEDIUM

MongoDB <3.6.20, <4.0.21, <4.2.10 - Info Disclosure

CVE-2020-25646 HIGH

Ansible Collection community.crypto - Info Disclosure

CVE-2020-11644 MEDIUM

B&R GateManager 4260/9250 <9.0.20262 and 8250 <9.2.620236042 - Authenticated Audit Log Message Forgery

CVE-2020-14332 MEDIUM

Ansible Engine 2.8.0-2.8.13 - Sensitive Information Exposure in Module Args via Check Mode

CVE-2020-4072 MEDIUM

generator-jhipster-kotlin <1.7.0 - Info Disclosure

CVE-2019-14854 MEDIUM

OpenShift Container Platform 4 - Sensitive Information Exposure in Static Pod Logs

CVE-2019-14864 MEDIUM

Ansible 2.7.0-2.7.14, 2.8.0-2.8.6, 2.9.0 - Sensitive Information Disclosure via Log File

CVE-2019-10213 MEDIUM

OpenShift Container Platform 4.1-4.2 - Info Disclosure

CVE-2019-14858 MEDIUM

Ansible Engine 2.0-2.8.0 and Ansible Tower 3.0-3.5.0 - Sensitive Information Disclosure in Log Files

CVE-2019-14846 HIGH

Ansible Engine < 2.6.20 - Sensitive Information Disclosure in Debug Logs

CVE-2018-10932 MEDIUM

Intel lldptool < 1.0.1 - Terminal Injection via Unsanitized mngAddr Buffer

CVE-2015-10011 MEDIUM

OpenDNS OpenResolve - Info Disclosure

Previous Page 4 of 4

Details

Vulnerabilities 98

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy