CWE-532
Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.
CVE-2023-6814 (GCVE-0-2023-6814)
Vulnerability from cvelistv5 – Published: 2024-03-12 03:39 – Updated: 2024-08-02 08:42
VLAI
Title
Information Exposure Vulnerability in Cosminexus Component Container
Summary
Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information.This issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 before 11-20-07, from 11-10 before 11-10-10, from 11-00 before 11-00-12, All versions of V8 and V9.
Severity
5.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.hitachi.com/products/it/software/secu… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hitachi | Cosminexus Component Container |
Affected:
11-30 , < 11-30-05
(custom)
Affected: 11-20 , < 11-20-07 (custom) Affected: 11-10 , < 11-10-10 (custom) Affected: 11-00 , < 11-00-12 (custom) Affected: 08-00 , ≤ 09-* (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6814",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T13:30:31.864165Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T01:57:04.242Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.404Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-118/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cosminexus Component Container",
"vendor": "Hitachi",
"versions": [
{
"changes": [
{
"at": "11-30-05",
"status": "unaffected"
}
],
"lessThan": "11-30-05",
"status": "affected",
"version": "11-30",
"versionType": "custom"
},
{
"changes": [
{
"at": "11-20-07",
"status": "unaffected"
}
],
"lessThan": "11-20-07",
"status": "affected",
"version": "11-20",
"versionType": "custom"
},
{
"changes": [
{
"at": "11-10-10",
"status": "unaffected"
}
],
"lessThan": "11-10-10",
"status": "affected",
"version": "11-10",
"versionType": "custom"
},
{
"changes": [
{
"at": "11-00-12",
"status": "unaffected"
}
],
"lessThan": "11-00-12",
"status": "affected",
"version": "11-00",
"versionType": "custom"
},
{
"lessThanOrEqual": "09-*",
"status": "affected",
"version": "08-00",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information.\u003cp\u003eThis issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 before 11-20-07, from 11-10 before 11-10-10, from 11-00 before 11-00-12, All versions of V8 and V9.\u003c/p\u003e"
}
],
"value": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Cosminexus Component Container allows local users to gain sensitive information.This issue affects Cosminexus Component Container: from 11-30 before 11-30-05, from 11-20 before 11-20-07, from 11-10 before 11-10-10, from 11-00 before 11-00-12, All versions of V8 and V9.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-114",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-114 Authentication Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-16T03:10:06.839Z",
"orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"shortName": "Hitachi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-118/index.html"
}
],
"source": {
"advisory": "hitachi-sec-2024-118",
"discovery": "UNKNOWN"
},
"title": "Information Exposure Vulnerability in Cosminexus Component Container",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"assignerShortName": "Hitachi",
"cveId": "CVE-2023-6814",
"datePublished": "2024-03-12T03:39:22.392Z",
"dateReserved": "2023-12-14T02:26:36.719Z",
"dateUpdated": "2024-08-02T08:42:07.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6833 (GCVE-0-2023-6833)
Vulnerability from cvelistv5 – Published: 2024-04-23 05:35 – Updated: 2024-08-02 08:42
VLAI
Title
Information Exposure Vulnerability in Hitachi Ops Center Administrator
Summary
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator allows local users to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 11.0.1.
Severity
4.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.hitachi.com/products/it/software/secu… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hitachi | Hitachi Ops Center Administrator |
Affected:
0 , < 11.0.1
(custom)
|
|
| hitachi | ops_center_administrator |
Affected:
- , < 11.0.1
(custom)
cpe:2.3:a:hitachi:ops_center_administrator:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hitachi:ops_center_administrator:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ops_center_administrator",
"vendor": "hitachi",
"versions": [
{
"lessThan": "11.0.1",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6833",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-23T20:37:24.413071Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:16:56.663Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-121/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Hitachi Ops Center Administrator",
"vendor": "Hitachi",
"versions": [
{
"changes": [
{
"at": "11.0.1",
"status": "unaffected"
}
],
"lessThan": "11.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator allows local users to gain sensitive information.\u003cp\u003eThis issue affects Hitachi Ops Center Administrator: before 11.0.1.\u003c/p\u003e"
}
],
"value": "Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator allows local users to gain sensitive information.This issue affects Hitachi Ops Center Administrator: before 11.0.1.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-114",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-114 Authentication Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-23T05:35:48.828Z",
"orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"shortName": "Hitachi"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-121/index.html"
}
],
"source": {
"advisory": "hitachi-sec-2024-121",
"discovery": "UNKNOWN"
},
"title": "Information Exposure Vulnerability in Hitachi Ops Center Administrator",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
"assignerShortName": "Hitachi",
"cveId": "CVE-2023-6833",
"datePublished": "2024-04-23T05:35:48.828Z",
"dateReserved": "2023-12-15T01:42:35.987Z",
"dateUpdated": "2024-08-02T08:42:07.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0006 (GCVE-0-2024-0006)
Vulnerability from cvelistv5 – Published: 2024-07-19 14:26 – Updated: 2024-08-01 17:41
VLAI
Title
DB User Password Leak in Application Log
Summary
Information exposure in the logging system in Yugabyte Platform allows local attackers with access to application logs to obtain database user credentials in log files, potentially leading to unauthorized database access.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
3 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| YugabyteDB | YugabyteDB Anywhere |
Affected:
2.18.0.0 , < 2.18.9.0
(git)
Affected: 2.20.0.0 , < 2.20.2.3 (git) Affected: 2024.0.0.0 , < 2024.1.1.0 (git) |
|
| yugabyte | yugabytedb |
Affected:
2.18.0.0 , < 2.18.9.0
(custom)
Affected: 2.20.0.0 , < 2.20.2.3 (custom) Affected: 2024.0.0.0 , < 2024.1.1.0 (custom) cpe:2.3:a:yugabyte:yugabytedb:2.18.0.0:*:*:*:*:*:*:* |
Date Public
2024-07-18 19:42
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:yugabyte:yugabytedb:2.18.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "yugabytedb",
"vendor": "yugabyte",
"versions": [
{
"lessThan": "2.18.9.0",
"status": "affected",
"version": "2.18.0.0",
"versionType": "custom"
},
{
"lessThan": "2.20.2.3",
"status": "affected",
"version": "2.20.0.0",
"versionType": "custom"
},
{
"lessThan": "2024.1.1.0",
"status": "affected",
"version": "2024.0.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0006",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T14:31:12.448030Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T14:32:54.285Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/yugabyte/yugabyte-db/commit/439c6286f1971f9ac6bff2c7215b454c2025c593"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/yugabyte/yugabyte-db/commit/d96e6b629f34d065b47204daeeb44064e484c579"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/yugabyte/yugabyte-db/commit/5cc7f4e15d6ccccbf97c57946fd0aa630f88c9e2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux",
"Docker",
"Kubernetes"
],
"product": "YugabyteDB Anywhere",
"vendor": "YugabyteDB",
"versions": [
{
"lessThan": "2.18.9.0",
"status": "affected",
"version": "2.18.0.0",
"versionType": "git"
},
{
"lessThan": "2.20.2.3",
"status": "affected",
"version": "2.20.0.0",
"versionType": "git"
},
{
"lessThan": "2024.1.1.0",
"status": "affected",
"version": "2024.0.0.0",
"versionType": "git"
}
]
}
],
"datePublic": "2024-07-18T19:42:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Information exposure in the logging system in Yugabyte Platform allows local attackers with access to application logs to obtain database user credentials in log files, potentially leading to unauthorized database access."
}
],
"value": "Information exposure in the logging system in Yugabyte Platform allows local attackers with access to application logs to obtain database user credentials in log files, potentially leading to unauthorized database access."
}
],
"impacts": [
{
"capecId": "CAPEC-560",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-560 Use of Known Domain Credentials"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T14:26:14.160Z",
"orgId": "d4ae51d3-4db5-465e-bc8a-eb6768324078",
"shortName": "Yugabyte"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/yugabyte/yugabyte-db/commit/439c6286f1971f9ac6bff2c7215b454c2025c593"
},
{
"tags": [
"patch"
],
"url": "https://github.com/yugabyte/yugabyte-db/commit/d96e6b629f34d065b47204daeeb44064e484c579"
},
{
"tags": [
"patch"
],
"url": "https://github.com/yugabyte/yugabyte-db/commit/5cc7f4e15d6ccccbf97c57946fd0aa630f88c9e2"
}
],
"source": {
"defect": [
"PLAT-14286"
],
"discovery": "UNKNOWN"
},
"title": "DB User Password Leak in Application Log",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d4ae51d3-4db5-465e-bc8a-eb6768324078",
"assignerShortName": "Yugabyte",
"cveId": "CVE-2024-0006",
"datePublished": "2024-07-19T14:26:14.160Z",
"dateReserved": "2023-11-07T22:19:42.717Z",
"dateUpdated": "2024-08-01T17:41:15.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0831 (GCVE-0-2024-0831)
Vulnerability from cvelistv5 – Published: 2024-02-01 01:41 – Updated: 2025-02-13 17:27
VLAI
Title
Vault May Expose Sensitive Information When Configuring An Audit Log Device
Summary
Vault and Vault Enterprise (“Vault”) may expose sensitive information when enabling an audit device which specifies the `log_raw` option, which may log sensitive information to other audit devices, regardless of whether they are configured to use `log_raw`.
Severity
4.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| HashiCorp | Vault |
Affected:
1.15.0 , ≤ 1.15.4
(semver)
|
|
| HashiCorp | Vault Enterprise |
Affected:
1.15.0 , ≤ 1.15.4
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0831",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-01T14:27:53.989443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:51.524Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:18:18.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2024-01-vault-may-expose-sensitive-information-when-configuring-an-audit-log-device/62311"
},
{
"tags": [
"x_transferred"
],
"url": "https://developer.hashicorp.com/vault/docs/upgrading/upgrade-to-1.15.x#audit-devices-could-log-raw-data-despite-configuration"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240223-0005/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux",
"x86",
"ARM",
"64 bit",
"32 bit"
],
"product": "Vault",
"repo": "https://github.com/hashicorp/vault",
"vendor": "HashiCorp",
"versions": [
{
"lessThanOrEqual": "1.15.4",
"status": "affected",
"version": "1.15.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux",
"x86",
"ARM",
"64 bit",
"32 bit"
],
"product": "Vault Enterprise",
"vendor": "HashiCorp",
"versions": [
{
"lessThanOrEqual": "1.15.4",
"status": "affected",
"version": "1.15.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eVault and Vault Enterprise (\u201cVault\u201d) \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003emay expose sensitive information when enabling an audit device which specifies the `log_raw` option, which may log sensitive information to other audit devices, regardless of whether they are configured to use `log_raw`.\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Vault and Vault Enterprise (\u201cVault\u201d) may expose sensitive information when enabling an audit device which specifies the `log_raw` option, which may log sensitive information to other audit devices, regardless of whether they are configured to use `log_raw`."
}
],
"impacts": [
{
"capecId": "CAPEC-268",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-268 Audit Log Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-23T16:06:01.441Z",
"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"shortName": "HashiCorp"
},
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2024-01-vault-may-expose-sensitive-information-when-configuring-an-audit-log-device/62311"
},
{
"url": "https://developer.hashicorp.com/vault/docs/upgrading/upgrade-to-1.15.x#audit-devices-could-log-raw-data-despite-configuration"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240223-0005/"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Vault May Expose Sensitive Information When Configuring An Audit Log Device"
}
},
"cveMetadata": {
"assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"assignerShortName": "HashiCorp",
"cveId": "CVE-2024-0831",
"datePublished": "2024-02-01T01:41:33.801Z",
"dateReserved": "2024-01-23T17:42:40.228Z",
"dateUpdated": "2025-02-13T17:27:29.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0912 (GCVE-0-2024-0912)
Vulnerability from cvelistv5 – Published: 2024-06-05 23:23 – Updated: 2024-08-01 18:18
VLAI
Title
CCURE passwords exposed to administrators
Summary
Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Johnson Controls | Software House C•CURE 9000 |
Affected:
0 , ≤ 2.90
(custom)
|
|
| johnsoncontrols | c-cure_9000_firmware |
Affected:
3.00.2
cpe:2.3:a:johnsoncontrols:c-cure_9000_firmware:3.00.2:*:*:*:*:*:*:* |
Date Public
2024-05-14 23:05
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:johnsoncontrols:c-cure_9000_firmware:3.00.2:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "c-cure_9000_firmware",
"vendor": "johnsoncontrols",
"versions": [
{
"status": "affected",
"version": "3.00.2"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-06T13:26:19.917096Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T13:29:07.270Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:18:18.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2024/jci-psa-2024-04.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Software House C\u2022CURE 9000",
"vendor": "Johnson Controls",
"versions": [
{
"lessThanOrEqual": "2.90",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-05-14T23:05:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUnder certain circumstances the Microsoft\u00ae Internet Information Server (IIS) used to host the C\u2022CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C\u2022CURE 9000 or prior versions\u003c/span\u003e\n\n"
}
],
"value": "Under certain circumstances the Microsoft\u00ae Internet Information Server (IIS) used to host the C\u2022CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C\u2022CURE 9000 or prior versions"
}
],
"impacts": [
{
"capecId": "CAPEC-560",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-560 Use of Known Domain Credentials"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T23:24:21.753Z",
"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"shortName": "jci"
},
"references": [
{
"url": "https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2024/jci-psa-2024-04.pdf"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-03"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eUpdate C\u2022CURE 9000 to version 3.00.2 CU02 or 3.00.3\u003cbr\u003e\u003c/p\u003e\u003cp\u003eChange the password for the impacted windows accounts.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eDelete the api.log log file (or remove instances of passwords from the log file with a text editor) located at \"C:\\Program Files (x86)\\Tyco\\victorWebServices\\victorWebsite\\Logs\\archives\"\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update C\u2022CURE 9000 to version 3.00.2 CU02 or 3.00.3\n\n\nChange the password for the impacted windows accounts.\n\n\nDelete the api.log log file (or remove instances of passwords from the log file with a text editor) located at \"C:\\Program Files (x86)\\Tyco\\victorWebServices\\victorWebsite\\Logs\\archives\""
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CCURE passwords exposed to administrators",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
"assignerShortName": "jci",
"cveId": "CVE-2024-0912",
"datePublished": "2024-06-05T23:23:24.863Z",
"dateReserved": "2024-01-25T21:48:54.313Z",
"dateUpdated": "2024-08-01T18:18:18.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0935 (GCVE-0-2024-0935)
Vulnerability from cvelistv5 – Published: 2024-02-01 13:33 – Updated: 2024-08-01 18:18
VLAI
Title
Insertion of Sensitive Information into Log File vulnerabilities affecting DELMIA Apriso Release 2019 through Release 2024
Summary
Insertion of Sensitive Information into Log File vulnerabilities are affecting DELMIA Apriso Release 2019 through Release 2024
Severity
4.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dassault Systèmes | DELMIA Apriso |
Affected:
Apriso 2019 Golden , ≤ Apriso 2019 SP5
(custom)
Affected: Apriso 2020 Golden , ≤ Apriso 2020 SP4 (custom) Affected: Apriso 2021 Golden , ≤ Apriso 2021 SP3 (custom) Affected: Apriso 2022 Golden , ≤ Apriso 2022 SP3 (custom) Affected: Apriso 2023 Golden , ≤ Apriso 2023 SP2 (custom) Affected: Apriso 2024 Golden |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0935",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-01T16:22:28.247755Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:22.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:18:18.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.3ds.com/vulnerability/advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "DELMIA Apriso",
"vendor": "Dassault Syst\u00e8mes",
"versions": [
{
"lessThanOrEqual": "Apriso 2019 SP5",
"status": "affected",
"version": "Apriso 2019 Golden",
"versionType": "custom"
},
{
"lessThanOrEqual": "Apriso 2020 SP4",
"status": "affected",
"version": "Apriso 2020 Golden",
"versionType": "custom"
},
{
"lessThanOrEqual": "Apriso 2021 SP3",
"status": "affected",
"version": "Apriso 2021 Golden",
"versionType": "custom"
},
{
"lessThanOrEqual": "Apriso 2022 SP3",
"status": "affected",
"version": "Apriso 2022 Golden",
"versionType": "custom"
},
{
"lessThanOrEqual": "Apriso 2023 SP2",
"status": "affected",
"version": "Apriso 2023 Golden",
"versionType": "custom"
},
{
"status": "affected",
"version": "Apriso 2024 Golden"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insertion of Sensitive Information into Log File vulnerabilities are affecting DELMIA Apriso Release 2019 through Release 2024"
}
],
"value": "Insertion of Sensitive Information into Log File vulnerabilities are affecting DELMIA Apriso Release 2019 through Release 2024"
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-09T14:19:00.675Z",
"orgId": "f5a594e6-46a7-4e60-8a08-0a786e70e433",
"shortName": "3DS"
},
"references": [
{
"url": "https://www.3ds.com/vulnerability/advisories"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insertion of Sensitive Information into Log File vulnerabilities affecting DELMIA Apriso Release 2019 through Release 2024",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f5a594e6-46a7-4e60-8a08-0a786e70e433",
"assignerShortName": "3DS",
"cveId": "CVE-2024-0935",
"datePublished": "2024-02-01T13:33:56.772Z",
"dateReserved": "2024-01-26T09:51:54.820Z",
"dateUpdated": "2024-08-01T18:18:18.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10544 (GCVE-0-2024-10544)
Vulnerability from cvelistv5 – Published: 2024-10-31 02:03 – Updated: 2026-04-08 17:13
VLAI
Title
Woo Manage Fraud Orders <= 2.6.1 - Unauthenticated Information Exposure via Log Files
Summary
The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information about users contained in the exposed log files.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| prasidhda | Woo Manage Fraud Orders |
Affected:
0 , ≤ 2.6.1
(semver)
|
|
| prasidhda | woo_manage_fraud_orders |
Affected:
0 , ≤ 6.1.7
(semver)
cpe:2.3:a:prasidhda:woo_manage_fraud_orders:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:prasidhda:woo_manage_fraud_orders:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "woo_manage_fraud_orders",
"vendor": "prasidhda",
"versions": [
{
"lessThanOrEqual": "6.1.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10544",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-31T13:39:40.412579Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T13:41:34.017Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Woo Manage Fraud Orders",
"vendor": "prasidhda",
"versions": [
{
"lessThanOrEqual": "2.6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Colin Xu"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information about users contained in the exposed log files."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:13:25.982Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a62df5f6-64b0-4489-9dde-0d472040ee12?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woo-manage-fraud-orders/trunk/includes/class-wmfo-debug-log.php#L25"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-30T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Woo Manage Fraud Orders \u003c= 2.6.1 - Unauthenticated Information Exposure via Log Files"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-10544",
"datePublished": "2024-10-31T02:03:06.954Z",
"dateReserved": "2024-10-30T13:29:55.405Z",
"dateUpdated": "2026-04-08T17:13:25.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-11165 (GCVE-0-2024-11165)
Vulnerability from cvelistv5 – Published: 2024-11-13 14:19 – Updated: 2024-11-21 16:13
VLAI
Summary
An information disclosure vulnerability exists in the backup configuration process where the SAS token is not masked in the configuration response. This oversight results in sensitive information leakage within the yb_backup log files, exposing the SAS token in plaintext. The leakage occurs during the backup procedure, leading to potential unauthorized access to resources associated with the SAS token. This issue affects YugabyteDB Anywhere: from 2.20.0.0 before 2.20.7.0, from 2.23.0.0 before 2.23.1.0, from 2024.1.0.0 before 2024.1.3.0.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Information Exposure Through Log Files
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| YugabyteDB | YugabyteDB Anywhere |
Affected:
2.20.0.0 , < 2.20.7.0
(custom)
Affected: 2.23.0.0 , < 2.23.1.0 (custom) Affected: 2024.1.0.0 , < 2024.1.3.0 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11165",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-14T15:59:48.559183Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T16:13:44.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux",
"Docker",
"Kubernetes"
],
"product": "YugabyteDB Anywhere",
"vendor": "YugabyteDB",
"versions": [
{
"lessThan": "2.20.7.0",
"status": "affected",
"version": "2.20.0.0",
"versionType": "custom"
},
{
"lessThan": "2.23.1.0",
"status": "affected",
"version": "2.23.0.0",
"versionType": "custom"
},
{
"lessThan": "2024.1.3.0",
"status": "affected",
"version": "2024.1.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eAn information disclosure vulnerability exists in the backup configuration process where the SAS token is not masked in the configuration response. This oversight results in sensitive information leakage within the \u003ccode\u003eyb_backup\u003c/code\u003e log files, exposing the SAS token in plaintext. The leakage occurs during the backup procedure, leading to potential unauthorized access to resources associated with the SAS token.\u0026nbsp;\u003c/span\u003e\u003cp\u003eThis issue affects YugabyteDB Anywhere: from 2.20.0.0 before 2.20.7.0, from 2.23.0.0 before 2.23.1.0, from 2024.1.0.0 before 2024.1.3.0.\u003c/p\u003e"
}
],
"value": "An information disclosure vulnerability exists in the backup configuration process where the SAS token is not masked in the configuration response. This oversight results in sensitive information leakage within the yb_backup log files, exposing the SAS token in plaintext. The leakage occurs during the backup procedure, leading to potential unauthorized access to resources associated with the SAS token.\u00a0This issue affects YugabyteDB Anywhere: from 2.20.0.0 before 2.20.7.0, from 2.23.0.0 before 2.23.1.0, from 2024.1.0.0 before 2024.1.3.0."
}
],
"impacts": [
{
"capecId": "CAPEC-118",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-118: Data Interception"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:L/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Information Exposure Through Log Files",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T14:19:51.342Z",
"orgId": "d4ae51d3-4db5-465e-bc8a-eb6768324078",
"shortName": "Yugabyte"
},
"references": [
{
"url": "https://github.com/yugabyte/yugabyte-db/commit/920989b6c0db0222bb7a0cce46febc76cf72d438"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d4ae51d3-4db5-465e-bc8a-eb6768324078",
"assignerShortName": "Yugabyte",
"cveId": "CVE-2024-11165",
"datePublished": "2024-11-13T14:19:51.342Z",
"dateReserved": "2024-11-12T20:52:45.896Z",
"dateUpdated": "2024-11-21T16:13:44.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11193 (GCVE-0-2024-11193)
Vulnerability from cvelistv5 – Published: 2024-11-13 21:04 – Updated: 2024-11-14 14:54
VLAI
Summary
An information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password is logged in plaintext within application logs. This flaw results in the unintentional exposure of sensitive information in Yugabyte Anywhere logs, potentially allowing unauthorized users with access to these logs to view the LDAP bind password. An attacker with log access could exploit this vulnerability to gain unauthorized access to the LDAP server, leading to potential exposure or compromise of LDAP-managed resources
This issue affects YugabyteDB Anywhere: from 2.20.0.0 before 2.20.7.0, from 2.23.0.0 before 2.23.1.0, from 2024.1.0.0 before 2024.1.3.0.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Information Exposure Through Log Files
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| YugabyteDB | YugabyteDB Anywhere |
Affected:
2.20.0.0 , < 2.20.7.0
(custom)
Affected: 2.23.0.0 , < 2.23.1.0 (custom) Affected: 2024.1.0.0 , < 2024.1.3.0 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-11193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-14T14:51:47.510862Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T14:54:38.382Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux",
"Docker",
"Kubernetes"
],
"product": "YugabyteDB Anywhere",
"vendor": "YugabyteDB",
"versions": [
{
"lessThan": "2.20.7.0",
"status": "affected",
"version": "2.20.0.0",
"versionType": "custom"
},
{
"lessThan": "2.23.1.0",
"status": "affected",
"version": "2.23.0.0",
"versionType": "custom"
},
{
"lessThan": "2024.1.3.0",
"status": "affected",
"version": "2024.1.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password is logged in plaintext within application logs. This flaw results in the unintentional exposure of sensitive information in Yugabyte Anywhere logs, potentially allowing unauthorized users with access to these logs to view the LDAP bind password.\u0026nbsp;An attacker with log access could exploit this vulnerability to gain unauthorized access to the LDAP server, leading to potential exposure or compromise of LDAP-managed resources\u003cbr\u003e\u003cp\u003eThis issue affects YugabyteDB Anywhere: from 2.20.0.0 before 2.20.7.0, from 2.23.0.0 before 2.23.1.0, from 2024.1.0.0 before 2024.1.3.0.\u003c/p\u003e"
}
],
"value": "An information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password is logged in plaintext within application logs. This flaw results in the unintentional exposure of sensitive information in Yugabyte Anywhere logs, potentially allowing unauthorized users with access to these logs to view the LDAP bind password.\u00a0An attacker with log access could exploit this vulnerability to gain unauthorized access to the LDAP server, leading to potential exposure or compromise of LDAP-managed resources\nThis issue affects YugabyteDB Anywhere: from 2.20.0.0 before 2.20.7.0, from 2.23.0.0 before 2.23.1.0, from 2024.1.0.0 before 2024.1.3.0."
}
],
"impacts": [
{
"capecId": "CAPEC-118",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-118: Data Interception"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Information Exposure Through Log Files",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T21:04:12.910Z",
"orgId": "d4ae51d3-4db5-465e-bc8a-eb6768324078",
"shortName": "Yugabyte"
},
"references": [
{
"url": "https://github.com/yugabyte/yugabyte-db/commit/0bf6e5a3e9c0718a28e654483596615d0798b208"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d4ae51d3-4db5-465e-bc8a-eb6768324078",
"assignerShortName": "Yugabyte",
"cveId": "CVE-2024-11193",
"datePublished": "2024-11-13T21:04:12.910Z",
"dateReserved": "2024-11-13T19:40:02.532Z",
"dateUpdated": "2024-11-14T14:54:38.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11604 (GCVE-0-2024-11604)
Vulnerability from cvelistv5 – Published: 2026-03-27 14:08 – Updated: 2026-03-27 14:49
VLAI
Title
Insertion of Sensitive Information into Log File
Summary
Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through 1.0.1.0300 and 1.1.0.0000.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.netiq.com/documentation/identity-mana… | release-notes |
| https://www.netiq.com/documentation/identity-mana… | release-notes |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| OpenText | IDM Driver and Extensions |
Affected:
1.0.0.0000 , ≤ 1.0.1.0300
(rpm, zip)
Affected: 1.1.0.0000 (rpm, zip) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-27T14:48:05.037247Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T14:49:21.826Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"SCIM Driver"
],
"platforms": [
"Windows",
"Linux",
"64 bit"
],
"product": "IDM Driver and Extensions",
"vendor": "OpenText",
"versions": [
{
"lessThanOrEqual": "1.0.1.0300",
"status": "affected",
"version": "1.0.0.0000",
"versionType": "rpm, zip"
},
{
"status": "affected",
"version": "1.1.0.0000",
"versionType": "rpm, zip"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files.\u003cp\u003eThis issue affects IDM SCIM Driver: 1.0.0.0000 through 1.0.1.0300 and 1.1.0.0000.\u003c/p\u003e"
}
],
"value": "Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through 1.0.1.0300 and 1.1.0.0000."
}
],
"impacts": [
{
"capecId": "CAPEC-215",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-215 Fuzzing for application mapping"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "RED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:N/R:U/V:C/RE:M/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T14:08:59.958Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "OpenText"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://www.netiq.com/documentation/identity-manager-49-drivers/SCIMDriver1.1.0.0100_readme/data/SCIMDriver1.1.0.0100_readme.html"
},
{
"tags": [
"release-notes"
],
"url": "https://www.netiq.com/documentation/identity-manager-48-drivers/SCIMDriver1.0.1.0400_readme/data/SCIMDriver1.0.1.0400_readme.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insertion of Sensitive Information into Log File",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "OpenText",
"cveId": "CVE-2024-11604",
"datePublished": "2026-03-27T14:08:59.958Z",
"dateReserved": "2024-11-21T18:38:16.507Z",
"dateUpdated": "2026-03-27T14:49:21.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phases: Architecture and Design, Implementation
Description:
- Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Phase: Distribution
Description:
- Remove debug log files before deploying the application into production.
Mitigation
Phase: Operation
Description:
- Protect log files against unauthorized read/write.
Mitigation
Phase: Implementation
Description:
- Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.