Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1744 vulnerabilities reference this CWE, most recent first.

GHSA-P632-5P4V-9HH3

Vulnerability from github – Published: 2022-03-08 00:00 – Updated: 2022-03-17 00:03
VLAI
Details

The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-25009"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-07T09:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses",
  "id": "GHSA-p632-5p4v-9hh3",
  "modified": "2022-03-17T00:03:03Z",
  "published": "2022-03-08T00:00:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25009"
    },
    {
      "type": "WEB",
      "url": "https://wpscan.com/vulnerability/ce2e3503-9a06-4f5c-ae0f-f40e7dfb2903"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P6MM-27GQ-9V3P

Vulnerability from github – Published: 2022-08-06 05:29 – Updated: 2022-08-06 05:29
VLAI
Summary
next-auth before v4.10.2 and v3.29.9 leaks excessive information into log
Details

Impact

An information disclosure vulnerability in next-auth before v4.10.2 and v3.29.9 allows an attacker with log access privilege to obtain excessive information such as an identity provider's secret in the log (which is thrown during OAuth error handling) and use it to leverage further attacks on the system, like impersonating the client to ask for extensive permissions.

Patches

We patched this vulnerability in v4.10.2 and v3.29.9 by moving the log for provider information to the debug level. In addition, we added a warning for having the debug: true option turned on in production and documented it here.

You have enabled the debug option. It is meant for development only, to help you catch issues in your authentication flow and you should consider removing this option when deploying to production. One way of only allowing debugging while not in production is to set debug: process.env.NODE_ENV !== "production", so you can commit this without needing to change the value.

If you want to log debug messages during production anyway, we recommend setting the logger option with proper sanitization of potentially sensitive user information.

To upgrade:

npm i next-auth@latest
# or
yarn add next-auth@latest
# or
pnpm add next-auth@latest

(This will update to the latest v4 version, but you can change latest to 3 if you want to stay on v3. This is not recommended. v3 is unmaintained.)

Workarounds

If for some reason you cannot upgrade, you can user the logger configuration option by sanitizing the logs:

// Example
import log from "your-logging-service"
export const authOptions: NextAuthOptions = {
  debug: process.env.NODE_ENV !== "production",
  logger: {
    error: (code, metadata) => {
      if (!(metadata instanceof Error) &&  metadata.provider) {
        // redact the provider secret here
        delete metadata.provider
        log.error(code, metadata)
      } else {
        log.error(code, metadata)
      }
    }
  },
}

References

Related documentation: - https://next-auth.js.org/warnings#debug_enabled - https://next-auth.js.org/configuration/options#logger - https://next-auth.js.org/getting-started/upgrade-v4

For more information

If you have any concerns, we request responsible disclosure, outlined here: https://next-auth.js.org/security#reporting-a-vulnerability

Timeline

The issue was reported 18th of July, a response was sent out in less than 20 minutes and after identifying the issue a patch was published within a week.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "next-auth"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.29.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "next-auth"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.10.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-31186"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-08-06T05:29:45Z",
    "nvd_published_at": "2022-08-01T20:15:00Z",
    "severity": "LOW"
  },
  "details": "### Impact\nAn information disclosure vulnerability in `next-auth` before `v4.10.2` and `v3.29.9` allows an attacker with log access privilege to obtain excessive information such as an identity provider\u0027s secret in the log (which is thrown during OAuth error handling) and use it to leverage further attacks on the system, like impersonating the client to ask for extensive permissions.\n\n### Patches\nWe patched this vulnerability in `v4.10.2` and `v3.29.9` by moving the log for `provider` information to the debug level. In addition, we added a warning for having the `debug: true` option turned on in production and documented it [here](https://next-auth.js.org/warnings#debug_enabled).\n\u003e You have enabled the debug option. It is meant for development only, to help you catch issues in your authentication flow and you should consider removing this option when deploying to production. One way of only allowing debugging while not in production is to set debug: process.env.NODE_ENV !== \"production\", so you can commit this without needing to change the value.\n\u003e \n\u003e If you want to log debug messages during production anyway, we recommend setting the [logger option](https://next-auth.js.org/configuration/options#logger) with proper sanitization of potentially sensitive user information.\n\nTo upgrade:\n\n```sh\nnpm i next-auth@latest\n# or\nyarn add next-auth@latest\n# or\npnpm add next-auth@latest\n```\n(This will update to the latest v4 version, but you can change `latest` to 3 if you want to stay on v3. This is not recommended. v3 is unmaintained.)\n\n### Workarounds\n\nIf for some reason you cannot upgrade, you can user the `logger` configuration option by sanitizing the logs:\n```ts\n// Example\nimport log from \"your-logging-service\"\nexport const authOptions: NextAuthOptions = {\n  debug: process.env.NODE_ENV !== \"production\",\n  logger: {\n    error: (code, metadata) =\u003e {\n      if (!(metadata instanceof Error) \u0026\u0026  metadata.provider) {\n        // redact the provider secret here\n        delete metadata.provider\n        log.error(code, metadata)\n      } else {\n        log.error(code, metadata)\n      }\n    }\n  },\n}\n```\n\n### References\nRelated documentation:\n- https://next-auth.js.org/warnings#debug_enabled\n- https://next-auth.js.org/configuration/options#logger \n- https://next-auth.js.org/getting-started/upgrade-v4\n\n### For more information\nIf you have any concerns, we request responsible disclosure, outlined here: https://next-auth.js.org/security#reporting-a-vulnerability\n\n### Timeline\nThe issue was reported 18th of July, a response was sent out in less than 20 minutes and after identifying the issue a patch was published within a week.",
  "id": "GHSA-p6mm-27gq-9v3p",
  "modified": "2022-08-06T05:29:45Z",
  "published": "2022-08-06T05:29:45Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/nextauthjs/next-auth/security/advisories/GHSA-p6mm-27gq-9v3p"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31186"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/nextauthjs/next-auth"
    },
    {
      "type": "WEB",
      "url": "https://next-auth.js.org/configuration/options#logger"
    },
    {
      "type": "WEB",
      "url": "https://next-auth.js.org/getting-started/upgrade-v4"
    },
    {
      "type": "WEB",
      "url": "https://next-auth.js.org/warnings#debug_enabled"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "next-auth before v4.10.2 and v3.29.9 leaks excessive information into log"
}

GHSA-P737-P57G-4CPR

Vulnerability from github – Published: 2022-03-25 19:20 – Updated: 2022-03-25 19:20
VLAI
Summary
Insertion of Sensitive Information into Log File in Jupyter notebook
Details

Impact

What kind of vulnerability is it?

Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter Server logs by default. Considering these logs do not require root access, an attacker can monitor these logs, steal sensitive auth/cookie information, and gain access to the Jupyter server.

Patches

Has the problem been patched? What versions should users upgrade to?

Upgrade to Jupyter Server version 1.15.4

For more information

If you have any questions or comments about this advisory, or vulnerabilities to report, please email our security list security@ipython.org.

Credit: @3coins for reporting. Thank you!

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "jupyter-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-24757"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-03-25T19:20:39Z",
    "nvd_published_at": "2022-03-23T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n_What kind of vulnerability is it?_\n\nAnytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter Server logs by default. Considering these logs do not require root access, an attacker can monitor these logs, steal sensitive auth/cookie information, and gain access to the Jupyter server.\n\n### Patches\n_Has the problem been patched? What versions should users upgrade to?_\n\nUpgrade to Jupyter Server version 1.15.4\n\n### For more information\n\nIf you have any questions or comments about this advisory, or vulnerabilities to report, please email our security list [security@ipython.org](mailto:security@ipython.org).\n\nCredit: @3coins for reporting. Thank you!\n\n",
  "id": "GHSA-p737-p57g-4cpr",
  "modified": "2022-03-25T19:20:39Z",
  "published": "2022-03-25T19:20:39Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-p737-p57g-4cpr"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24757"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jupyter-server/jupyter_server/commit/a5683aca0b0e412672ac6218d09f74d44ca0de5a"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jupyter-server/jupyter_server"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/jupyter-server/PYSEC-2022-179.yaml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Insertion of Sensitive Information into Log File in Jupyter notebook"
}

GHSA-P77H-Q5M6-CRXC

Vulnerability from github – Published: 2023-02-16 21:30 – Updated: 2023-02-24 21:30
VLAI
Details

An insertion of sensitive information into log file vulnerability [CWE-532] in the FortiPortal management interface 7.0.0 through 7.0.2 may allow a remote authenticated attacker to read other devices' passwords in the audit log page.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-43954"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-16T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An insertion of sensitive information into log file vulnerability [CWE-532] in the FortiPortal management interface 7.0.0 through 7.0.2 may allow a remote authenticated attacker to read other devices\u0027 passwords in the audit log page.",
  "id": "GHSA-p77h-q5m6-crxc",
  "modified": "2023-02-24T21:30:17Z",
  "published": "2023-02-16T21:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43954"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.com/psirt/FG-IR-22-430"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P7F2-6479-84WX

Vulnerability from github – Published: 2026-04-16 21:31 – Updated: 2026-04-16 21:31
VLAI
Details

Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-43937"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-16T19:16:32Z",
    "severity": "MODERATE"
  },
  "details": "Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.",
  "id": "GHSA-p7f2-6479-84wx",
  "modified": "2026-04-16T21:31:13Z",
  "published": "2026-04-16T21:31:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43937"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000376214/dsa-2025-347-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P83H-G6JW-GH8F

Vulnerability from github – Published: 2025-01-03 06:32 – Updated: 2025-01-03 09:30
VLAI
Details

iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python installation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-22275"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-03T05:15:08Z",
    "severity": "CRITICAL"
  },
  "details": "iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python installation.",
  "id": "GHSA-p83h-g6jw-gh8f",
  "modified": "2025-01-03T09:30:47Z",
  "published": "2025-01-03T06:32:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22275"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gnachman/iterm2/-/wikis/SSH-Integration-Information-Leak"
    },
    {
      "type": "WEB",
      "url": "https://iterm2.com/downloads/stable/iTerm2-3_5_11.changelog"
    },
    {
      "type": "WEB",
      "url": "https://news.ycombinator.com/item?id=42579472"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P868-FP4Q-W4HX

Vulnerability from github – Published: 2024-09-10 12:30 – Updated: 2024-09-10 12:30
VLAI
Details

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application inserts sensitive information into a log file which is readable by all legitimate users of the underlying system. This could allow an authenticated attacker to compromise the confidentiality of other users' configuration data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-42344"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-10T10:15:12Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been identified in SINEMA Remote Connect Client (All versions \u003c V3.2 SP2). The affected application inserts sensitive information into a log file which is readable by all legitimate users of the underlying system. This could allow an authenticated attacker to compromise the confidentiality of other users\u0027 configuration data.",
  "id": "GHSA-p868-fp4q-w4hx",
  "modified": "2024-09-10T12:30:38Z",
  "published": "2024-09-10T12:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42344"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-417159.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-P8RH-8MH7-W4XH

Vulnerability from github – Published: 2024-10-14 18:30 – Updated: 2024-10-14 18:30
VLAI
Details

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-45739"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-14T17:15:12Z",
    "severity": "MODERATE"
  },
  "details": "In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level.",
  "id": "GHSA-p8rh-8mh7-w4xh",
  "modified": "2024-10-14T18:30:25Z",
  "published": "2024-10-14T18:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45739"
    },
    {
      "type": "WEB",
      "url": "https://advisory.splunk.com/advisories/SVD-2024-1009"
    },
    {
      "type": "WEB",
      "url": "https://research.splunk.com/application/93dc7182-c5da-4085-82ec-401abf33d623"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P999-J4HQ-PMJ3

Vulnerability from github – Published: 2025-04-09 00:30 – Updated: 2025-04-09 00:30
VLAI
Details

Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-25013"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-08T23:15:45Z",
    "severity": "MODERATE"
  },
  "details": "Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack.",
  "id": "GHSA-p999-j4hq-pmj3",
  "modified": "2025-04-09T00:30:27Z",
  "published": "2025-04-09T00:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25013"
    },
    {
      "type": "WEB",
      "url": "https://discuss.elastic.co/t/elastic-defend-8-17-3-security-update-esa-2025-05/376921"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PC23-4MQ4-C95V

Vulnerability from github – Published: 2026-06-02 18:31 – Updated: 2026-06-02 18:31
VLAI
Details

A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of active exploitation.

This vulnerability is associated with specific installation package builds rather than the product version identifier alone. Certain versions (including 5.10.4.0, 5.11.3.0, 5.12.2.0 and 5.13.3.0) were released with both vulnerable and remediated installation packages under the same version number.

Consequently, version-based comparison alone is insufficient to determine exposure. Only installations performed using vulnerable builds are affected. Remediated builds can be distinguished using verified installation package hashes. For the complete list of fixed build hashes, refer to the security advisory section.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-40619"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-02T16:16:39Z",
    "severity": "HIGH"
  },
  "details": "A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of active exploitation.\n\nThis vulnerability is associated with specific installation package builds rather than the product version identifier alone. Certain versions (including 5.10.4.0, 5.11.3.0, 5.12.2.0 and 5.13.3.0) were released with both vulnerable and remediated installation packages under the same version number.\n\nConsequently, version-based comparison alone is insufficient to determine exposure. Only installations performed using vulnerable builds are affected. Remediated builds can be distinguished using verified installation package hashes. For the complete list of fixed build hashes, refer to the security advisory section.",
  "id": "GHSA-pc23-4mq4-c95v",
  "modified": "2026-06-02T18:31:31Z",
  "published": "2026-06-02T18:31:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40619"
    },
    {
      "type": "WEB",
      "url": "https://resources.genetec.com/security-advisories/vulnerability-affecting-security-center-systems-main-server-installations"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.