Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1742 vulnerabilities reference this CWE, most recent first.

CVE-2025-11446 (GCVE-0-2025-11446)

Vulnerability from cvelistv5 – Published: 2025-11-19 08:53 – Updated: 2025-11-19 17:19
VLAI
Summary
Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.2.0 before 5.2.12.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
upKeeper Solutions upKeeper Manager Affected: 5.2.0 , < 5.2.12 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-11446",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-19T17:19:20.734721Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-19T17:19:34.530Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "upKeeper Manager",
          "vendor": "upKeeper Solutions",
          "versions": [
            {
              "lessThan": "5.2.12",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.\u003cp\u003eThis issue affects upKeeper Manager: from 5.2.0 before 5.2.12.\u003c/p\u003e"
            }
          ],
          "value": "Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.2.0 before 5.2.12."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-560",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-560 Use of Known Domain Credentials"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-19T08:53:12.765Z",
        "orgId": "80f39f49-2521-4ee7-9e17-af5d55e8032f",
        "shortName": "upKeeper"
      },
      "references": [
        {
          "url": "https://support.upkeeper.se/hc/en-us/articles/23693858370076-CVE-2025-11446-Insertion-of-Sensitive-Information-into-Log-File"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80f39f49-2521-4ee7-9e17-af5d55e8032f",
    "assignerShortName": "upKeeper",
    "cveId": "CVE-2025-11446",
    "datePublished": "2025-11-19T08:53:12.765Z",
    "dateReserved": "2025-10-07T14:00:22.435Z",
    "dateUpdated": "2025-11-19T17:19:34.530Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-11248 (GCVE-0-2025-11248)

Vulnerability from cvelistv5 – Published: 2025-10-27 12:56 – Updated: 2025-10-27 15:07
VLAI
Title
Sensitive Information Logged
Summary
ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
Zohocorp ManageEngine Endpoint Central Affected: 0 , < 11.4.2528.05 (11.4.2528.05)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-11248",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-27T15:07:12.056495Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-27T15:07:22.584Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ManageEngine Endpoint Central",
          "vendor": "Zohocorp",
          "versions": [
            {
              "lessThan": "11.4.2528.05",
              "status": "affected",
              "version": "0",
              "versionType": "11.4.2528.05"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:zohocorp:manageengine_endpoint_central:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.4.2528.05",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "ZohoCorp ManageEngine Endpoint Central versions prior to \u003cstrong\u003e11.4.2528.05\u003c/strong\u003e are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token.\u003cbr\u003e"
            }
          ],
          "value": "ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-27T12:56:35.389Z",
        "orgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
        "shortName": "Zohocorp"
      },
      "references": [
        {
          "url": "https://www.manageengine.com/products/desktop-central/CVE-2025-11248.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Sensitive Information Logged",
      "x_generator": {
        "engine": "Vulnogram 0.4.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "0fc0942c-577d-436f-ae8e-945763c79b02",
    "assignerShortName": "Zohocorp",
    "cveId": "CVE-2025-11248",
    "datePublished": "2025-10-27T12:56:35.389Z",
    "dateReserved": "2025-10-03T05:57:15.206Z",
    "dateUpdated": "2025-10-27T15:07:22.584Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-11008 (GCVE-0-2025-11008)

Vulnerability from cvelistv5 – Published: 2025-11-04 03:26 – Updated: 2026-04-08 17:09
VLAI
Title
CE21 Suite <= 2.3.1 - Unauthenticated Sensitive Information Exposure to Privilege Escalation
Summary
The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This makes it possible for unauthenticated attackers to extract sensitive data including authentication credentials, which can be used to log in as other users as long as they have used the plugin's custom authentication feature before. This may include administrators, which makes a complete site takeover possible.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
ce21com CE21 Suite Affected: 0 , ≤ 2.3.1 (semver)
Create a notification for this product.
Credits
Kenneth Dunn
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-11008",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-04T18:48:17.458623Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-04T18:48:23.226Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CE21 Suite",
          "vendor": "ce21com",
          "versions": [
            {
              "lessThanOrEqual": "2.3.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Kenneth Dunn"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This makes it possible for unauthenticated attackers to extract sensitive data including authentication credentials, which can be used to log in as other users as long as they have used the plugin\u0027s custom authentication feature before. This may include administrators, which makes a complete site takeover possible."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:09:17.322Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/91aa86d9-8e42-4deb-b6ca-c3b388fefcb1?source=cve"
        },
        {
          "url": "https://wordpress.org/plugins/ce21-suite/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-11-03T15:24:06.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "CE21 Suite \u003c= 2.3.1 - Unauthenticated Sensitive Information Exposure to Privilege Escalation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-11008",
    "datePublished": "2025-11-04T03:26:46.726Z",
    "dateReserved": "2025-09-25T20:57:59.568Z",
    "dateUpdated": "2026-04-08T17:09:17.322Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-10645 (GCVE-0-2025-10645)

Vulnerability from cvelistv5 – Published: 2025-10-07 08:23 – Updated: 2026-04-08 17:04
VLAI
Title
WP Reset <= 2.05 - Unauthenticated Sensitive Information Exposure via wf-licensing.log
Summary
The WP Reset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.05 via the WF_Licensing::log() method when debugging is enabled (default). This makes it possible for unauthenticated attackers to extract sensitive license key and site data.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
webfactory WP Reset Affected: 0 , ≤ 2.05 (semver)
Create a notification for this product.
Credits
Dmitrii Ignatyev
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10645",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-07T18:17:41.498848Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-07T18:20:23.922Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "WP Reset",
          "vendor": "webfactory",
          "versions": [
            {
              "lessThanOrEqual": "2.05",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Dmitrii Ignatyev"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The WP Reset plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.05 via the WF_Licensing::log() method when debugging is enabled (default). This makes it possible for unauthenticated attackers to extract sensitive license key and site data."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:04:48.752Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86741f4a-8700-45dd-8998-b3f0387c27ed?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3364169/"
        },
        {
          "url": "https://research.cleantalk.org/cve-2025-10645/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-09-17T16:33:43.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2025-10-06T00:00:00.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "WP Reset \u003c= 2.05 - Unauthenticated Sensitive Information Exposure via wf-licensing.log"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-10645",
    "datePublished": "2025-10-07T08:23:38.793Z",
    "dateReserved": "2025-09-17T16:16:05.766Z",
    "dateUpdated": "2026-04-08T17:04:48.752Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-10486 (GCVE-0-2025-10486)

Vulnerability from cvelistv5 – Published: 2025-10-15 08:26 – Updated: 2026-04-08 17:18
VLAI
Title
Content Writer <= 3.6.8 - Unauthenticated Information Exposure via Log File
Summary
The Content Writer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.8 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
steadycontent Content Writer Affected: 0 , ≤ 3.6.8 (semver)
Create a notification for this product.
Credits
D01EXPLOIT OFFICIAL
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10486",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-15T13:23:08.345402Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-15T14:54:06.014Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Content Writer",
          "vendor": "steadycontent",
          "versions": [
            {
              "lessThanOrEqual": "3.6.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "D01EXPLOIT OFFICIAL"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Content Writer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.8 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:18:24.553Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb20452b-7049-4567-8288-6d24350e2143?source=cve"
        },
        {
          "url": "https://plugins.svn.wordpress.org/content-writer/tags/3.6.8/lib/sc_functions.php"
        },
        {
          "url": "https://wordpress.org/plugins/content-writer/"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3379612%40content-writer\u0026new=3379612%40content-writer\u0026sfp_email=\u0026sfph_mail="
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-10-14T20:02:33.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Content Writer \u003c= 3.6.8 - Unauthenticated Information Exposure via Log File"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-10486",
    "datePublished": "2025-10-15T08:26:01.576Z",
    "dateReserved": "2025-09-15T14:12:29.662Z",
    "dateUpdated": "2026-04-08T17:18:24.553Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-10221 (GCVE-0-2025-10221)

Vulnerability from cvelistv5 – Published: 2025-09-10 12:31 – Updated: 2025-10-08 12:02
VLAI
Title
Hardcoded Password Exposure in AxxonNet (C-WerkNet) ARP Agent Logs
Summary
Insertion of Sensitive Information into Log File (CWE-532) in the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on Windows platforms allows a local attacker to obtain plaintext credentials via reading TRACE log files containing serialized JSON with passwords.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
AxxonSoft AxxonNet ARP Agent C-WerkNet Affected: 0 , ≤ 2.0.4 (custom)
Create a notification for this product.
Credits
This vulnerability was discovered internally by the AxxonSoft development and QA team.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10221",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-10T13:47:28.001205Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-10T13:49:09.874Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "AxxonNet ARP Agent C-WerkNet",
          "vendor": "AxxonSoft",
          "versions": [
            {
              "lessThanOrEqual": "2.0.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "This vulnerability was discovered internally by the AxxonSoft development and QA team."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Insertion of Sensitive Information into Log File (CWE-532) in the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on Windows platforms allows a local attacker to obtain plaintext credentials via reading TRACE log files containing serialized JSON with passwords."
            }
          ],
          "value": "Insertion of Sensitive Information into Log File (CWE-532) in the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on Windows platforms allows a local attacker to obtain plaintext credentials via reading TRACE log files containing serialized JSON with passwords."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-560",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-560 Use of Known Domain Credentials"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-08T12:02:15.274Z",
        "orgId": "15ede60e-6fda-426e-be9c-e788f151a377",
        "shortName": "AxxonSoft"
      },
      "references": [
        {
          "url": "https://www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisories"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpgrade to \u003cstrong\u003eAxxon One 3.15.0 (C-Werk) or later\u003c/strong\u003e, where TRACE logging no longer records plaintext passwords and instead uses masked/encoded values.\u003cbr\u003e\nAs an additional mitigation, administrators should:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eavoid enabling TRACE logging in production environments,\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003erotate credentials if TRACE logging had been previously enabled.\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Upgrade to Axxon One 3.15.0 (C-Werk) or later, where TRACE logging no longer records plaintext passwords and instead uses masked/encoded values.\n\nAs an additional mitigation, administrators should:\n\n\n\n  *  \navoid enabling TRACE logging in production environments,\n\n\n\n\n  *  \nrotate credentials if TRACE logging had been previously enabled."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Hardcoded Password Exposure in AxxonNet (C-WerkNet) ARP Agent Logs",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "15ede60e-6fda-426e-be9c-e788f151a377",
    "assignerShortName": "AxxonSoft",
    "cveId": "CVE-2025-10221",
    "datePublished": "2025-09-10T12:31:52.575Z",
    "dateReserved": "2025-09-10T12:31:11.920Z",
    "dateUpdated": "2025-10-08T12:02:15.274Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-9985 (GCVE-0-2025-9985)

Vulnerability from cvelistv5 – Published: 2025-09-26 04:25 – Updated: 2026-04-08 17:10
VLAI
Title
Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File
Summary
The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.7 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
marceljm Featured Image from URL (FIFU) Affected: 0 , ≤ 5.2.7 (semver)
Create a notification for this product.
Credits
ifoundbug
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9985",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-26T19:46:02.340569Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-26T19:46:14.343Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Featured Image from URL (FIFU)",
          "vendor": "marceljm",
          "versions": [
            {
              "lessThanOrEqual": "5.2.7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "ifoundbug"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.7 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:10:48.643Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/991d63da-ca6c-400e-beb7-b44cf629abc9?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/featured-image-from-url/trunk/admin/log.php?rev=3344903"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3362830%40featured-image-from-url\u0026new=3362830%40featured-image-from-url\u0026sfp_email=\u0026sfph_mail=#file6"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-09-04T13:52:34.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2025-09-25T00:00:00.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Featured Image from URL (FIFU) \u003c= 5.2.7 - Unauthenticated Information Exposure via Log File"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-9985",
    "datePublished": "2025-09-26T04:25:17.076Z",
    "dateReserved": "2025-09-04T13:36:33.083Z",
    "dateUpdated": "2026-04-08T17:10:48.643Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-8864 (GCVE-0-2025-8864)

Vulnerability from cvelistv5 – Published: 2025-08-11 13:30 – Updated: 2025-08-11 15:05
VLAI
Summary
Shared Access Signature token is not masked in the backup configuration response and is also exposed in the yb_backup logs
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
YugabyteDB Inc YugabyteDB Anywhere Unaffected: 2.20.0.0 , < 2.20.7.0 (custom)
Affected: 2.23.0.0 , < 2.23.1.0 (custom)
Affected: 2024.1.0.0 , < 2024.1.3.0 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-8864",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-11T15:05:31.937000Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-11T15:05:42.481Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "yugaware",
          "platforms": [
            "MacOS",
            "Linux",
            "x86",
            "ARM"
          ],
          "product": "YugabyteDB Anywhere",
          "vendor": "YugabyteDB Inc",
          "versions": [
            {
              "lessThan": "2.20.7.0",
              "status": "unaffected",
              "version": "2.20.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "2.23.1.0",
              "status": "affected",
              "version": "2.23.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.3.0",
              "status": "affected",
              "version": "2024.1.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: transparent;\"\u003eShared Access Signature token is not masked in the backup configuration response and is also exposed in the yb_backup logs\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Shared Access Signature token is not masked in the backup configuration response and is also exposed in the yb_backup logs"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-215",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-215 Fuzzing for application mapping"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-11T13:30:09.039Z",
        "orgId": "d4ae51d3-4db5-465e-bc8a-eb6768324078",
        "shortName": "Yugabyte"
      },
      "references": [
        {
          "url": "https://docs.yugabyte.com/preview/secure/vulnerability-disclosure-policy/"
        }
      ],
      "source": {
        "defect": [
          "PLAT-14788"
        ],
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d4ae51d3-4db5-465e-bc8a-eb6768324078",
    "assignerShortName": "Yugabyte",
    "cveId": "CVE-2025-8864",
    "datePublished": "2025-08-11T13:30:09.039Z",
    "dateReserved": "2025-08-11T13:05:50.185Z",
    "dateUpdated": "2025-08-11T15:05:42.481Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-8663 (GCVE-0-2025-8663)

Vulnerability from cvelistv5 – Published: 2025-09-03 07:05 – Updated: 2025-09-03 19:11
VLAI
Summary
Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.0.0 before 5.2.12.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
upKeeper Solutions upKeeper Manager Affected: 5.0.0 , < 5.2.12 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-8663",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-03T19:11:08.489546Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-03T19:11:16.856Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "upKeeper Manager",
          "vendor": "upKeeper Solutions",
          "versions": [
            {
              "lessThan": "5.2.12",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.\u003cp\u003eThis issue affects upKeeper Manager: from 5.0.0 before 5.2.12.\u003c/p\u003e"
            }
          ],
          "value": "Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials.This issue affects upKeeper Manager: from 5.0.0 before 5.2.12."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-560",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-560 Use of Known Domain Credentials"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NEGLIGIBLE",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-03T07:05:47.541Z",
        "orgId": "80f39f49-2521-4ee7-9e17-af5d55e8032f",
        "shortName": "upKeeper"
      },
      "references": [
        {
          "url": "https://support.upkeeper.se/hc/en-us/articles/22107280228252-CVE-2025-8663-Insertion-of-Sensitive-Information-into-Log-File"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80f39f49-2521-4ee7-9e17-af5d55e8032f",
    "assignerShortName": "upKeeper",
    "cveId": "CVE-2025-8663",
    "datePublished": "2025-09-03T07:05:47.541Z",
    "dateReserved": "2025-08-06T07:19:14.499Z",
    "dateUpdated": "2025-09-03T19:11:16.856Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7445 (GCVE-0-2025-7445)

Vulnerability from cvelistv5 – Published: 2025-09-05 02:31 – Updated: 2025-09-05 15:55
VLAI
Title
Kubernetes secrets-store-sync-controller discloses service account tokens in logs
Summary
Kubernetes secrets-store-sync-controller in versions before 0.0.2 discloses service account tokens in logs.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
Kubernetes secrets-store-sync-controller Affected: 0 , < 0.0.2 (semver)
Unaffected: 0.0.2
Create a notification for this product.
Date Public
2025-09-04 04:00
Credits
Reem Rotenberg Kas Dekel
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7445",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-05T15:53:41.096862Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-05T15:55:05.022Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "secrets-store-sync-controller",
          "repo": "https://github.com/kubernetes-sigs/secrets-store-sync-controller",
          "vendor": "Kubernetes",
          "versions": [
            {
              "lessThan": "0.0.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "0.0.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Reem Rotenberg"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "Kas Dekel"
        }
      ],
      "datePublic": "2025-09-04T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Kubernetes secrets-store-sync-controller in versions before 0.0.2 discloses service account tokens in logs.\u003cbr\u003e"
            }
          ],
          "value": "Kubernetes secrets-store-sync-controller in versions before 0.0.2 discloses service account tokens in logs."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-05T02:31:35.360Z",
        "orgId": "a6081bf6-c852-4425-ad4f-a67919267565",
        "shortName": "kubernetes"
      },
      "references": [
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/kubernetes/kubernetes/issues/133897"
        },
        {
          "tags": [
            "mailing-list"
          ],
          "url": "https://groups.google.com/g/kubernetes-security-announce/c/NP7cQvQ1aGA"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Kubernetes secrets-store-sync-controller discloses service account tokens in logs",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565",
    "assignerShortName": "kubernetes",
    "cveId": "CVE-2025-7445",
    "datePublished": "2025-09-05T02:31:35.360Z",
    "dateReserved": "2025-07-11T00:59:34.039Z",
    "dateUpdated": "2025-09-05T15:55:05.022Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.