Common Weakness Enumeration

CWE-532

Allowed

Insertion of Sensitive Information into Log File

Abstraction: Base · Status: Incomplete

The product writes sensitive information to a log file.

1743 vulnerabilities reference this CWE, most recent first.

CVE-2025-52580 (GCVE-0-2025-52580)

Vulnerability from cvelistv5 – Published: 2025-07-22 04:49 – Updated: 2025-07-22 15:36
VLAI
Summary
Insertion of sensitive information into log file issue exists in "region PAY" App for Android prior to 1.5.28. If exploited, sensitive user information may be exposed to an attacker who has access to the application logs.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of sensitive information into log file
Assigner
References
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-52580",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-22T15:19:47.477187Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-22T15:36:00.332Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "\"region PAY\" App for Android",
          "vendor": "Gift Pad Co.,Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 1.5.28"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Insertion of sensitive information into log file issue exists in \"region PAY\" App for Android prior to 1.5.28. If exploited, sensitive user information may be exposed to an attacker who has access to the application logs."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 2.4,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "baseScore": 2.4,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "Insertion of sensitive information into log file",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-22T04:49:33.459Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://jvn.jp/en/jp/JVN07825095/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2025-52580",
    "datePublished": "2025-07-22T04:49:33.459Z",
    "dateReserved": "2025-07-15T01:02:40.018Z",
    "dateUpdated": "2025-07-22T15:36:00.332Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-50200 (GCVE-0-2025-50200)

Vulnerability from cvelistv5 – Published: 2025-06-19 16:14 – Updated: 2025-06-20 17:43
VLAI
Title
RabbitMQ Node can log Basic Auth header from an HTTP request
Summary
RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in plaintext encoded in base64. When querying RabbitMQ api with HTTP/s with basic authentication it creates logs with all headers in request, including authorization headers which show base64 encoded username:password. This is easy to decode and afterwards could be used to obtain control to the system depending on credentials. This issue has been patched in version 4.0.8.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
Vendor Product Version
rabbitmq rabbitmq-server Affected: <= 3.13.7
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-50200",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-20T17:42:45.496505Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-20T17:43:55.579Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "rabbitmq-server",
          "vendor": "rabbitmq",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 3.13.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in plaintext encoded in base64. When querying RabbitMQ api with HTTP/s with basic authentication it creates logs with all headers in request, including authorization headers which show base64 encoded username:password. This is easy to decode and afterwards could be used to obtain control to the system depending on credentials. This issue has been patched in version 4.0.8."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532: Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-19T16:14:24.919Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-gh3x-4x42-fvq8",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-gh3x-4x42-fvq8"
        }
      ],
      "source": {
        "advisory": "GHSA-gh3x-4x42-fvq8",
        "discovery": "UNKNOWN"
      },
      "title": "RabbitMQ Node can log Basic Auth header from an HTTP request"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-50200",
    "datePublished": "2025-06-19T16:14:24.919Z",
    "dateReserved": "2025-06-13T19:17:51.728Z",
    "dateUpdated": "2025-06-20T17:43:55.579Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49846 (GCVE-0-2025-49846)

Vulnerability from cvelistv5 – Published: 2025-07-03 16:41 – Updated: 2025-07-03 19:23
VLAI
Title
wire-ios accidentally logs message contents
Summary
wire-ios is an iOS client for the Wire secure messaging application. From Wire iOS 3.111.1 to before 3.124.1, messages that were visible in the view port have been logged to the iOS system logs in clear text. Wire application logs created and managed by the application itself were not affected, especially not the logs users can export and send to Wire support. The iOS logs can only be accessed if someone had (physical) access to the underlying unlocked device. The issue manifested itself by calling canOpenUrl() and passing an invalid URL object. When iOS then performs the check and fails, it logs the contents to the system log. This is not documented behaviour. Wire released an emergency fix with version 3.124.1. As a workaround, users can reset their iOS device to remove the offending logs. Since Wire cannot access or modify iOS system logs, there's no other workaround other than a reset.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-117 - Improper Output Neutralization for Logs
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
Impacted products
Vendor Product Version
wireapp wire-ios Affected: >= 3.111.1, < 3.124.1
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49846",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-03T19:20:55.941143Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-03T19:23:39.700Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "wire-ios",
          "vendor": "wireapp",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 3.111.1, \u003c 3.124.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "wire-ios is an iOS client for the Wire secure messaging application. From Wire iOS 3.111.1 to before 3.124.1, messages that were visible in the view port have been logged to the iOS system logs in clear text. Wire application logs created and managed by the application itself were not affected, especially not the logs users can export and send to Wire support. The iOS logs can only be accessed if someone had (physical) access to the underlying unlocked device. The issue manifested itself by calling canOpenUrl() and passing an invalid URL object. When iOS then performs the check and fails, it logs the contents to the system log. This is not documented behaviour. Wire released an emergency fix with version 3.124.1. As a workaround, users can reset their iOS device to remove the offending logs. Since Wire cannot access or modify iOS system logs, there\u0027s no other workaround other than a reset."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-117",
              "description": "CWE-117: Improper Output Neutralization for Logs",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532: Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-03T16:41:34.228Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/wireapp/wire-ios/security/advisories/GHSA-pj5p-96xx-hc7m",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/wireapp/wire-ios/security/advisories/GHSA-pj5p-96xx-hc7m"
        },
        {
          "name": "https://github.com/wireapp/wire-ios/commit/0cff0e4298d87c2c56de07f3fb18d3e8e5a68fa3",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/wireapp/wire-ios/commit/0cff0e4298d87c2c56de07f3fb18d3e8e5a68fa3"
        },
        {
          "name": "https://github.com/wireapp/wire-ios/releases/tag/appstore%2F3.124.1",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/wireapp/wire-ios/releases/tag/appstore%2F3.124.1"
        }
      ],
      "source": {
        "advisory": "GHSA-pj5p-96xx-hc7m",
        "discovery": "UNKNOWN"
      },
      "title": "wire-ios accidentally logs message contents"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-49846",
    "datePublished": "2025-07-03T16:41:34.228Z",
    "dateReserved": "2025-06-11T14:33:57.800Z",
    "dateUpdated": "2025-07-03T19:23:39.700Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49009 (GCVE-0-2025-49009)

Vulnerability from cvelistv5 – Published: 2025-06-05 16:40 – Updated: 2025-06-17 13:54
VLAI
Title
Para Inserts Sensitive Information into Log File for Facebook authentication
Summary
Para is a multitenant backend server/framework for object persistence and retrieval. A vulnerability that exists in versions prior to 1.50.8 in `FacebookAuthFilter.java` results in a full request URL being logged during a failed request to a Facebook user profile. The log includes the user's access token in plain text. Since WARN-level logs are often retained in production and accessible to operators or log aggregation systems, this poses a risk of token exposure. Version 1.50.8 fixes the issue.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
Vendor Product Version
Erudika para Affected: < 1.50.8
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49009",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T13:54:10.822111Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T13:54:23.657Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "para",
          "vendor": "Erudika",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.50.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Para is a multitenant backend server/framework for object persistence and retrieval. A vulnerability that exists in versions prior to 1.50.8 in `FacebookAuthFilter.java` results in a full request URL being logged during a failed request to a Facebook user profile. The log includes the user\u0027s access token in plain text. Since WARN-level logs are often retained in production and accessible to operators or log aggregation systems, this poses a risk of token exposure. Version 1.50.8 fixes the issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532: Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-05T16:40:27.978Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/Erudika/para/security/advisories/GHSA-qx7g-fx8q-545g",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Erudika/para/security/advisories/GHSA-qx7g-fx8q-545g"
        },
        {
          "name": "https://github.com/Erudika/para/commit/46a908d887da02037384193f70a69345f04887cf",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Erudika/para/commit/46a908d887da02037384193f70a69345f04887cf"
        }
      ],
      "source": {
        "advisory": "GHSA-qx7g-fx8q-545g",
        "discovery": "UNKNOWN"
      },
      "title": "Para Inserts Sensitive Information into Log File for Facebook authentication"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-49009",
    "datePublished": "2025-06-05T16:40:27.978Z",
    "dateReserved": "2025-05-29T16:34:07.176Z",
    "dateUpdated": "2025-06-17T13:54:23.657Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-48955 (GCVE-0-2025-48955)

Vulnerability from cvelistv5 – Published: 2025-06-02 11:11 – Updated: 2025-06-02 16:47
VLAI
Title
Para Server Logs Sensitive Information
Summary
Para is a multitenant backend server/framework for object persistence and retrieval. A vulnerability that exists in versions prior to 1.50.8 exposes both access and secret keys in logs without redaction. These credentials are later reused in variable assignments for persistence but do not require logging for debugging or system health purposes. Version 1.50.8 fixes the issue.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
Vendor Product Version
Erudika para Affected: < 1.50.8
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48955",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-02T16:46:31.470097Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-02T16:47:02.156Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "para",
          "vendor": "Erudika",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.50.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Para is a multitenant backend server/framework for object persistence and retrieval. A vulnerability that exists in versions prior to 1.50.8 exposes both access and secret keys in logs without redaction. These credentials are later reused in variable assignments for persistence but do not require logging for debugging or system health purposes. Version 1.50.8 fixes the issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532: Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-02T11:11:22.722Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/Erudika/para/security/advisories/GHSA-v75g-77vf-6jjq",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Erudika/para/security/advisories/GHSA-v75g-77vf-6jjq"
        },
        {
          "name": "https://github.com/Erudika/para/commit/1e8a89558542854bb0683ab234c4429ad93b0835",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Erudika/para/commit/1e8a89558542854bb0683ab234c4429ad93b0835"
        }
      ],
      "source": {
        "advisory": "GHSA-v75g-77vf-6jjq",
        "discovery": "UNKNOWN"
      },
      "title": "Para Server Logs Sensitive Information"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-48955",
    "datePublished": "2025-06-02T11:11:22.722Z",
    "dateReserved": "2025-05-28T18:49:07.585Z",
    "dateUpdated": "2025-06-02T16:47:02.156Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-48709 (GCVE-0-2025-48709)

Vulnerability from cvelistv5 – Published: 2025-08-07 00:00 – Updated: 2025-12-01 21:57
VLAI
Title
BMC Control-M/Server cleartext database credentials in process lists and logs
Summary
BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on, it runs 'DBUStatus.exe' frequently, which then calls 'dbu_connection_details.vbs' with the username, password, database hostname, and port written in cleartext, which can be seen in event and process logs in two separate locations. Fixed in PACTV.9.0.21.307.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
  • CWE-214 - Invocation of Process Using Visible Sensitive Information
Assigner
Impacted products
Vendor Product Version
BMC Control-M/Server Affected: 9.0.21.300 , < PACTV.9.0.21.307 (custom)
Unaffected: PACTV.9.0.21.307
Create a notification for this product.
bmc control-m Affected: 9.0.21.300 , < 9.0.21.300 PACTV.9.0.21.307 (custom)
Unaffected: PACTV.9.0.21.307
    cpe:2.3:a:bmc:control-m:*:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2025-08-06 00:00
Credits
Derrick Polakoff
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:bmc:control-m:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "control-m",
            "vendor": "bmc",
            "versions": [
              {
                "lessThan": "9.0.21.300 PACTV.9.0.21.307",
                "status": "affected",
                "version": "9.0.21.300",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "PACTV.9.0.21.307"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48709",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-27T15:23:04.978628Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-01T21:57:06.906Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Control-M/Server",
          "vendor": "BMC",
          "versions": [
            {
              "lessThan": "PACTV.9.0.21.307",
              "status": "affected",
              "version": "9.0.21.300",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "PACTV.9.0.21.307"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Derrick Polakoff"
        }
      ],
      "datePublic": "2025-08-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on, it runs \u0027DBUStatus.exe\u0027 frequently, which then calls \u0027dbu_connection_details.vbs\u0027 with the username, password, database hostname, and port written in cleartext, which can be seen in event and process logs in two separate locations. Fixed in PACTV.9.0.21.307."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        {
          "other": {
            "content": {
              "id": "CVE-2025-48709",
              "options": [
                {
                  "Exploitation": "poc"
                },
                {
                  "Automatable": "no"
                },
                {
                  "Technical Impact": "partial"
                }
              ],
              "role": "CISA Coordinator",
              "timestamp": "2025-10-02T16:23:53.246063Z",
              "version": "2.0.3"
            },
            "type": "ssvc"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-214",
              "description": "CWE-214 Invocation of Process Using Visible Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-01T21:20:49.549Z",
        "orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
        "shortName": "cisa-cg"
      },
      "references": [
        {
          "name": "url",
          "url": "https://docs.bmc.com/xwiki/bin/view/Control-M-Orchestration/Control-M/ctm9021/Patches/Control-M-Server-PACTV-9-0-21-307/"
        }
      ],
      "title": "BMC Control-M/Server cleartext database credentials in process lists and logs"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-48709",
    "datePublished": "2025-08-07T00:00:00.000Z",
    "dateReserved": "2025-05-23T00:00:00.000Z",
    "dateUpdated": "2025-12-01T21:57:06.906Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48493 (GCVE-0-2025-48493)

Vulnerability from cvelistv5 – Published: 2025-06-05 16:33 – Updated: 2025-06-09 20:52
VLAI
Title
Yii 2 Redis may expose AUTH paramters in logs in case of connection failure
Summary
The Yii 2 Redis extension provides the redis key-value store support for the Yii framework 2.0. On failing connection, the extension writes commands sequence to logs. Prior to version 2.0.20, AUTH parameters are written in plain text exposing username and password. That might be an issue if attacker has access to logs. Version 2.0.20 fixes the issue.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
Vendor Product Version
yiisoft yii2-redis Affected: < 2.0.20
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48493",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-09T20:52:32.159781Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-09T20:52:45.538Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "yii2-redis",
          "vendor": "yiisoft",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.0.20"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Yii 2 Redis extension provides the redis key-value store support for the Yii framework 2.0. On failing connection, the extension writes commands sequence to logs. Prior to version 2.0.20, AUTH parameters are written in plain text exposing username and password. That might be an issue if attacker has access to logs. Version 2.0.20 fixes the issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532: Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-05T16:33:20.330Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/yiisoft/yii2-redis/security/advisories/GHSA-g3p6-82vc-43jh",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/yiisoft/yii2-redis/security/advisories/GHSA-g3p6-82vc-43jh"
        },
        {
          "name": "https://github.com/yiisoft/yii2-redis/commit/962252d2c57c187181e67bb66da3f27b4698358d",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/yiisoft/yii2-redis/commit/962252d2c57c187181e67bb66da3f27b4698358d"
        }
      ],
      "source": {
        "advisory": "GHSA-g3p6-82vc-43jh",
        "discovery": "UNKNOWN"
      },
      "title": "Yii 2 Redis may expose AUTH paramters in logs in case of connection failure"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-48493",
    "datePublished": "2025-06-05T16:33:20.330Z",
    "dateReserved": "2025-05-22T12:11:39.121Z",
    "dateUpdated": "2025-06-09T20:52:45.538Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-48374 (GCVE-0-2025-48374)

Vulnerability from cvelistv5 – Published: 2025-05-22 20:43 – Updated: 2025-05-23 14:33
VLAI
Title
zot logs secrets
Summary
zot is ancontainer image/artifact registry based on the Open Container Initiative Distribution Specification. Prior to version 2.1.3 (corresponding to pseudoversion 1.4.4-0.20250522160828-8a99a3ed231f), when using Keycloak as an oidc provider, the clientsecret gets printed into the container stdout logs for an example at container startup. Version 2.1.3 (corresponding to pseudoversion 1.4.4-0.20250522160828-8a99a3ed231f) fixes the issue.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
Vendor Product Version
project-zot zot Affected: < 1.4.4-0.20250522160828-8a99a3ed231f
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48374",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-23T14:29:24.291687Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-23T14:33:24.239Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "zot",
          "vendor": "project-zot",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.4.4-0.20250522160828-8a99a3ed231f"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "zot is ancontainer image/artifact registry based on the Open Container Initiative Distribution Specification. Prior to version 2.1.3 (corresponding to pseudoversion 1.4.4-0.20250522160828-8a99a3ed231f), when using Keycloak as an oidc provider, the clientsecret gets printed into the container stdout logs for an example at container startup. Version 2.1.3 (corresponding to pseudoversion 1.4.4-0.20250522160828-8a99a3ed231f) fixes the issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532: Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-22T20:43:13.708Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/project-zot/zot/security/advisories/GHSA-c37v-3c8w-crq8",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/project-zot/zot/security/advisories/GHSA-c37v-3c8w-crq8"
        },
        {
          "name": "https://github.com/project-zot/zot/commit/8a99a3ed231fdcd8467e986182b4705342b6a15e",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/project-zot/zot/commit/8a99a3ed231fdcd8467e986182b4705342b6a15e"
        }
      ],
      "source": {
        "advisory": "GHSA-c37v-3c8w-crq8",
        "discovery": "UNKNOWN"
      },
      "title": "zot logs secrets"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-48374",
    "datePublished": "2025-05-22T20:43:13.708Z",
    "dateReserved": "2025-05-19T15:46:00.395Z",
    "dateUpdated": "2025-05-23T14:33:24.239Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-47979 (GCVE-0-2025-47979)

Vulnerability from cvelistv5 – Published: 2025-10-14 17:00 – Updated: 2026-02-22 17:24
VLAI
Title
Microsoft Failover Cluster Information Disclosure Vulnerability
Summary
Insertion of sensitive information into log file in Windows Failover Cluster allows an authorized attacker to disclose information locally.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
Date Public
2025-10-14 14:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-47979",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-14T20:01:17.398528Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-14T20:03:03.842Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.25398.1913",
              "status": "affected",
              "version": "10.0.25398.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.6899",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2025 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.26100.6899",
              "status": "affected",
              "version": "10.0.26100.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.6899",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.25398.1913",
                  "versionStartIncluding": "10.0.25398.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.26100.6899",
                  "versionStartIncluding": "10.0.26100.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2025-10-14T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Insertion of sensitive information into log file in Windows Failover Cluster allows an authorized attacker to disclose information locally."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532: Insertion of Sensitive Information into Log File",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-22T17:24:55.793Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft Failover Cluster Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47979"
        }
      ],
      "title": "Microsoft Failover Cluster Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2025-47979",
    "datePublished": "2025-10-14T17:00:46.877Z",
    "dateReserved": "2025-05-14T14:44:20.083Z",
    "dateUpdated": "2026-02-22T17:24:55.793Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-46777 (GCVE-0-2025-46777)

Vulnerability from cvelistv5 – Published: 2025-05-28 07:56 – Updated: 2025-05-28 13:30
VLAI
Summary
A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least read-only admin permissions to view encrypted secrets via the FortiPortal System Log.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Fortinet FortiPortal Affected: 7.4.0
Affected: 7.2.0 , ≤ 7.2.5 (semver)
Affected: 7.0.0 , ≤ 7.0.9 (semver)
    cpe:2.3:a:fortinet:fortiportal:7.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortiportal:7.0.0:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-46777",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-28T13:30:18.489150Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-28T13:30:23.832Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortiportal:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiportal:7.0.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiPortal",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "lessThanOrEqual": "7.2.5",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.9",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least read-only admin permissions to view encrypted secrets via the FortiPortal System Log."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 2.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:U/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "Information disclosure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-28T07:56:03.616Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-380",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-380"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiPortal version 7.4.2 or above \nPlease upgrade to FortiPortal version 7.4.1 or above \nPlease upgrade to FortiPortal version 7.2.6 or above \nPlease upgrade to FortiPortal version 7.0.10 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2025-46777",
    "datePublished": "2025-05-28T07:56:03.616Z",
    "dateReserved": "2025-04-29T08:42:13.449Z",
    "dateUpdated": "2025-05-28T13:30:23.832Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Architecture and Design Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Mitigation
Distribution

Remove debug log files before deploying the application into production.

Mitigation
Operation

Protect log files against unauthorized read/write.

Mitigation
Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

CAPEC-215: Fuzzing for application mapping

An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.