Sensitive Information Disclosure in Log Files
Variants:
Direct
Also Known As:
Information Leak Through Log Files
Vector Type:
Vulnerability
Relevance:
Generic
Layer:
Application-Level
Platforms:
Any
Target Type:
Application
Affected Mechanisms:
Logging, Information Disclosure Prevention, Content Encryption
Invented In:
01/01/1999
Added In:
21/12/2014
Vector Operation Method:
The log files contains sensitive information that should not be logged, such as passwords, valid clear-text session identifiers, credit cards, etc.
