CWE-532

Medium likelihood

Insertion of Sensitive Information into Log File

Parent: CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory

The product writes sensitive information to a log file.

1,138 vulnerabilities with CWE-532
CVE-2016-0879 HIGH
Moxa Secure Router EDR-G903 <3.4.12 - Info Disclosure
CVSS 7.5
CVE-2016-0875 HIGH
Moxa Secure Router EDR-G903 <3.4.12 - Info Disclosure
CVSS 7.5
CVE-2015-1343 LOW
Unity-Scope-GDrive - Info Disclosure
CVSS 2.0
CVE-2015-3243 MEDIUM
rsyslog - Sensitive Information Exposure via Weak Log File Permissions
CVSS 5.5
CVE-2015-8977 HIGH
MyBB Merge System < 1.8.6 and MyBB < 1.6.18 - Sensitive Information Disclosure via Error Log Files
CVSS 7.5
CVE-2014-3536 MEDIUM
CloudForms Management Engine 5 - Sensitive Information Exposure via Log File
CVSS 5.5
CVE-2013-1771 HIGH
monkey-project monkey - Sensitive Information Exposure via World-Readable Log File
CVSS 7.5
CVE-2013-6384
OpenStack Ceilometer >=2013.1 <2013.2 - Sensitive Information Exposure in Log Files
CVE-2013-4733 HIGH
Digital Alert Systems DASDEC EAS <2.0-2 - Info Disclosure
CVSS 7.5
CVE-2012-1156 HIGH
Moodle < 2.2.2 - Sensitive Information Exposure via Course Backup
CVSS 7.5
CVE-2012-0814 MEDIUM
OpenSSH < 5.7 - Authenticated Information Disclosure via Debug Messages
CVSS 6.5
CVE-2011-1943
NetworkManager <0.8.999-3 - Info Disclosure
CVE-2001-1556
Apache HTTP Server 1.3.0-1.3.30 - Log Injection via Control Characters
Details
Vulnerabilities 1,138
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits