Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-532

CWE-532

Medium likelihood

Insertion of Sensitive Information into Log File

Parent: CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory

The product writes sensitive information to a log file.

1,137 vulnerabilities with CWE-532

CVE-2019-5532 HIGH

VMware vCenter Server < 6.7 U3, < 6.5 U3, < 6.0 U3j - Credential Disclosure in OVF Deployment Logs

CVE-2019-3763 HIGH

RSA Identity Governance and Lifecycle < 7.1.0 P08 - Authenticated Information Exposure via Office 365 Connector

CVE-2019-11465 MEDIUM

Couchbase Server <5.5.3, 6.0.0 - Info Disclosure

CVE-2019-11549 MEDIUM

GitLab <11.8.9-11.10.2 - Info Disclosure

CVE-2019-6648 MEDIUM

F5 Container Ingress Service 1.9.0 - Sensitive Information Disclosure in Log Files

CVE-2019-11250 MEDIUM

Kubernetes < 1.16.0-beta.1 - Sensitive Information Disclosure in Logs via High Verbosity Level

CVE-2019-15294 CRITICAL

Gallagher Command Centre 8.10 < 8.10.1092 - Sensitive Information Disclosure in Log File

CVE-2019-15508 MEDIUM

Octopus Tentacle 3.0.8-5.0.0 - Authenticated Sensitive Information Disclosure in Deployment Log

CVE-2019-15507 MEDIUM

Octopus Server 2018.8.4-2019.7.6 - Authenticated Sensitive Information Disclosure in Deployment Log

CVE-2019-5634 MEDIUM

Hickory Smart < 01.01.43 - Sensitive Information Exposure in Debug Log

CVE-2019-13515 MEDIUM

OSIsoft PI Web API < 2018 - Sensitive Information Disclosure in Log Files

CVE-2019-1961 MEDIUM

Cisco Enterprise NFV Infrastructure Software < 3.10.1 - Authenticated Arbitrary File Read via Tar Package Upload

CVE-2019-1953 MEDIUM

Cisco Enterprise NFV Infrastructure Software < 3.9.1 - Authenticated Password Exposure in Web Portal Log

CVE-2019-10370 MEDIUM

Jenkins Mask Passwords Plugin < 2.12.0 - Plaintext Password Exposure in Configuration Form

CVE-2019-10367 MEDIUM

Jenkins Configuration as Code Plugin < 1.26 - Sensitive Information Exposure in Log Files

CVE-2019-4284 MEDIUM

IBM Cloud Private <3.1.2 - Privilege Escalation

CVE-2019-10364 MEDIUM

Jenkins Amazon EC2 Plugin < 1.43 - Private Key Exposure in System Log

CVE-2019-10358 MEDIUM

Jenkins Maven Integration Plugin < 3.3 - Sensitive Information Exposure in Build Log

CVE-2019-10345 MEDIUM

Jenkins Configuration as Code Plugin < 1.20 - Insufficiently Protected Credentials

CVE-2019-10343 LOW

Jenkins Configuration as Code Plugin < 1.24 - Sensitive Information Exposure in Log Files

CVE-2019-10165 LOW

OpenShift Container Platform <4.1.3 - Info Disclosure

CVE-2019-0202 HIGH

Apache Storm 0.9.1-incubating-1.2.2 - Unauthenticated Sensitive Information Exposure via Logviewer Endpoint

CVE-2019-14268 MEDIUM

Octopus Deploy <2019.7.2 - Info Disclosure

CVE-2019-11273 MEDIUM

Pivotal Container Service 1.3.0-1.3.6 and 1.4.0 - Authenticated Sensitive Information Exposure via Billing Database Logs

CVE-2019-13098 MEDIUM

TronLink Wallet 2.2.0 - Sensitive Information Exposure via Log File

Previous Page 39 of 46 Next

Details

Vulnerabilities 1,137

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy