Total
51 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-23405 | 2025-02-28 | N/A | 5.3 MEDIUM | ||
| Unauthenticated log effects metrics gathering incident response efforts and potentially exposes risk of injection attacks (ex log injection). | |||||
| CVE-2025-25184 | 2025-02-14 | N/A | N/A | ||
| Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited by crafting input that includes newline characters to manipulate log entries. The supplied proof-of-concept demonstrates injecting malicious content into logs. When a user provides the authorization credentials via Rack::Auth::Basic, if success, the username will be put in env['REMOTE_USER'] and later be used by Rack::CommonLogger for logging purposes. The issue occurs when a server intentionally or unintentionally allows a user creation with the username contain CRLF and white space characters, or the server just want to log every login attempts. If an attacker enters a username with CRLF character, the logger will log the malicious username with CRLF characters into the logfile. Attackers can break log formats or insert fraudulent entries, potentially obscuring real activity or injecting malicious data into log files. Versions 2.2.11, 3.0.12, and 3.1.10 contain a fix. | |||||
| CVE-2024-22356 | 1 Ibm | 3 App Connect Enterprise, Integration Bus, Z\/os | 2025-01-28 | N/A | 4.9 MEDIUM |
| IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM Integration Bus for z/OS 10.1 through 10.1.0.2store potentially sensitive information in log or trace files that could be read by a privileged user. IBM X-Force ID: 280893. | |||||
| CVE-2025-0754 | 2025-01-28 | N/A | 4.3 MEDIUM | ||
| The vulnerability was found in OpenShift Service Mesh 2.6.3 and 2.5.6. This issue occurs due to improper sanitization of HTTP headers by Envoy, particularly the x-forwarded-for header. This lack of sanitization can allow attackers to inject malicious payloads into service mesh logs, leading to log injection and spoofing attacks. Such injections can mislead logging mechanisms, enabling attackers to manipulate log entries or execute reflected cross-site scripting (XSS) attacks. | |||||
| CVE-2023-28952 | 1 Ibm | 1 Cognos Controller | 2025-01-07 | N/A | 5.3 MEDIUM |
| IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in application logging by not sanitizing user provided data. IBM X-Force ID: 251463. | |||||
| CVE-2024-7696 | 2025-01-07 | N/A | 6.3 MEDIUM | ||
| Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for an authenticated malicious client to tamper with audit log creation in AXIS Camera Station, or perform a Denial-of-Service attack on the AXIS Camera Station server using maliciously crafted audit log entries. Axis has released a patched version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. | |||||
| CVE-2024-32474 | 2024-11-21 | N/A | 7.3 HIGH | ||
| Sentry is an error tracking and performance monitoring platform. Prior to 24.4.1, when authenticating as a superuser to Sentry with a username and password, the password is leaked as cleartext in logs under the _event_: `auth-index.validate_superuser`. An attacker with access to the log data could use these leaked credentials to login to the Sentry system as superuser. Self-hosted users on affected versions should upgrade to 24.4.1 or later. Users can configure the logging level to exclude logs of the `INFO` level and only generate logs for levels at `WARNING` or more. | |||||
| CVE-2024-23194 | 2024-11-21 | N/A | 3.3 LOW | ||
| Improper output Neutralization for Logs (CWE-117) in the Command Centre API Diagnostics Endpoint could allow an attacker limited ability to modify Command Centre log files. This issue affects: Gallagher Command Centre v9.10 prior to vEL9.10.1268 (MR1). | |||||
| CVE-2024-0095 | 2024-11-21 | N/A | 9.0 CRITICAL | ||
| NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | |||||
| CVE-2023-6484 | 2024-11-21 | N/A | 5.3 MEDIUM | ||
| A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity. | |||||
| CVE-2023-46713 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | N/A | 5.3 MEDIUM |
| An improper output neutralization for logs in Fortinet FortiWeb 6.2.0 - 6.2.8, 6.3.0 - 6.3.23, 7.0.0 - 7.0.9, 7.2.0 - 7.2.5 and 7.4.0 may allow an attacker to forge traffic logs via a crafted URL of the web application. | |||||
| CVE-2023-46322 | 1 Iterm2 | 1 Iterm2 | 2024-11-21 | N/A | 9.8 CRITICAL |
| iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be non-alphanumeric. The hostname's other characters may be outside the set of alphanumeric characters, dash, and period. | |||||
| CVE-2023-46321 | 1 Iterm2 | 1 Iterm2 | 2024-11-21 | N/A | 9.8 CRITICAL |
| iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs. They may have shell metacharacters for a /usr/bin/man command line. | |||||
| CVE-2023-38020 | 1 Ibm | 1 Soar Qradar Plugin App | 2024-11-21 | N/A | 4.3 MEDIUM |
| IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate output written to log files. IBM X-Force ID: 260576. | |||||
| CVE-2023-37275 | 1 Agpt | 1 Auto-gpt | 2024-11-21 | N/A | 3.1 LOW |
| Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. The Auto-GPT command line UI makes heavy use of color-coded print statements to signify different types of system messages to the user, including messages that are crucial for the user to review and control which commands should be executed. Before v0.4.3, it was possible for a malicious external resource (such as a website browsed by Auto-GPT) to cause misleading messages to be printed to the console by getting the LLM to regurgitate JSON encoded ANSI escape sequences (`\u001b[`). These escape sequences were JSON decoded and printed to the console as part of the model's "thinking process". The issue has been patched in release version 0.4.3. | |||||
| CVE-2023-36924 | 1 Sap | 1 Erp Defense Forces And Public Security | 2024-11-21 | N/A | 4.9 MEDIUM |
| While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806, 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could modify all the syslog data causing a complete compromise of integrity of the application. | |||||
| CVE-2023-31405 | 1 Sap | 1 Netweaver Application Server For Java | 2024-11-21 | N/A | 5.3 MEDIUM |
| SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated attacker to craft a request over the network which can result in unwarranted modifications to a system log without user interaction. There is no ability to view any information or any effect on availability. | |||||
| CVE-2023-0595 | 1 Schneider-electric | 4 Clearscada, Ecostruxure Geo Scada Expert 2019, Ecostruxure Geo Scada Expert 2020 and 1 more | 2024-11-21 | N/A | 5.3 MEDIUM |
| A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port (default 443). Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions) | |||||
| CVE-2022-1522 | 1 Cognex | 2 3d-a1000 Dimensioning System, 3d-a1000 Dimensioning System Firmware | 2024-11-21 | N/A | 5.3 MEDIUM |
| The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-117: Improper Output Neutralization for Logs, which allows an attacker to create false logs that show the password as having been changed when it is not, complicating forensics. | |||||
| CVE-2020-4072 | 1 Jhipster | 1 Generator-jhipster-kotlin | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In generator-jhipster-kotlin version 1.6.0 log entries are created for invalid password reset attempts. As the email is provided by a user and the api is public this can be used by an attacker to forge log entries. This is vulnerable to https://cwe.mitre.org/data/definitions/117.html This problem affects only application generated with jwt or session authentication. Applications using oauth are not vulnerable. This issue has been fixed in version 1.7.0. | |||||