CWE-532 Base Incomplete Medium likelihood

Insertion of Sensitive Information into Log File

This vulnerability occurs when an application unintentionally writes confidential data, such as passwords or API keys, into its log files.

Definition

What is CWE-532?

This vulnerability occurs when an application unintentionally writes confidential data, such as passwords or API keys, into its log files.
Developers often add logging statements for debugging, but these can accidentally capture sensitive user data or system secrets. When these logs are stored insecurely or with broad permissions, attackers can read them to steal credentials, impersonate users, or gain unauthorized access to internal systems. This is a common oversight that turns a routine troubleshooting tool into a significant security liability. Preventing this requires careful code reviews to sanitize log output and configuring loggers to exclude sensitive fields. While SAST tools can catch the pattern, Plexicus uses AI to suggest the actual code fix—like replacing a sensitive value with a hash or redacting it entirely—saving hours of manual work. Managing this at scale across numerous applications is difficult; an ASPM like Plexicus can help you track and remediate these flaws across your entire software stack.
Vulnerability Diagram CWE-532
Insertion of Sensitive Information into Log Login handler log.info("body: " + body) app.log 11:00 INFO POST /login body: {user:"a", pw:"hunter2"} cookie: session=abc123 card: 4111-1111-1111-1111 11:01 INFO ... Anyone w/ logs SIEM, support, CI Secrets and PII written to logs end up in many systems and people.
Auswirkungen in der Praxis

Real-world CVEs caused by CWE-532

  • CVE-2017-9615

    verbose logging stores admin credentials in a world-readable log file

  • CVE-2018-1999036

    SSH password for private key stored in build log

Wie Angreifer es ausnutzen

Angreiferpfad Schritt für Schritt

  1. 1

    In the following code snippet, a user's full name and credit card number are written to a log file.

  2. 2

    This code stores location information about the current user:

  3. 3

    When the application encounters an exception it will write the user object to the log. Because the user object contains location information, the user's location is also written to the log.

  4. 4

    In the example below, the method getUserBankAccount retrieves a bank account object from a database using the supplied username and account number to query the database. If an SQLException is raised when querying the database, an error message is created and output to a log file.

  5. 5

    The error message that is created includes information about the database query that may contain sensitive information about the database or query logic. In this case, the error message will expose the table name and column names used in the database. This data could be used to simplify other attacks, such as SQL injection (CWE-89) to directly access the database.

Verwundbares Codebeispiel

Vulnerable Java

In the following code snippet, a user's full name and credit card number are written to a log file.

Verwundbar Java 
logger.info("Username: " + usernme + ", CCN: " + ccn);
Sicheres Codebeispiel

Secure pseudo

Sicher pseudo 
// Validate, sanitize, or use a safe API before reaching the sink.
function handleRequest(input) {
  const safe = validateAndEscape(input);
  return executeWithGuards(safe);
}
What changed: the unsafe sink is replaced (or the input is validated/escaped) so the same payload no longer triggers the weakness.
Präventions-Checkliste

How to prevent CWE-532

  • Architecture and Design / Implementation Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
  • Distribution Remove debug log files before deploying the application into production.
  • Operation Protect log files against unauthorized read/write.
  • Implementation Adjust configurations appropriately when software is transitioned from a debug state to production.
Erkennungssignale

How to detect CWE-532

Automated Static Analysis High

Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)

Plexicus Auto-Fix

Plexicus erkennt CWE-532 automatisch und öffnet in unter 60 Sekunden einen Fix-PR.

Codex Remedium scannt jeden Commit, identifiziert genau diese Schwachstelle und liefert einen reviewer-ready Pull Request mit dem Patch. Keine Tickets. Keine Hand-offs.

Demo anfordern Plexicus kostenlos testen
Häufig gestellte Fragen

Frequently asked questions

Was ist CWE-532?

This vulnerability occurs when an application unintentionally writes confidential data, such as passwords or API keys, into its log files.

Wie gravierend ist CWE-532?

MITRE stuft die Exploit-Wahrscheinlichkeit als mittel ein — eine Ausnutzung ist realistisch, erfordert aber meist bestimmte Bedingungen.

Welche Sprachen oder Plattformen sind von CWE-532 betroffen?

MITRE hat für diese CWE keine betroffenen Plattformen spezifiziert — sie kann in den meisten Anwendungs-Stacks auftreten.

Wie kann ich CWE-532 verhindern?

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files. Remove debug log files before deploying the application into production.

Wie erkennt und behebt Plexicus CWE-532?

Die SAST-Engine von Plexicus erkennt die Datenfluss-Signatur von CWE-532 bei jedem Commit. Bei einem Treffer öffnet unser Codex-Remedium-Agent einen Fix-PR mit korrigiertem Code, Tests und einer einzeiligen Zusammenfassung für den Reviewer.

Wo erfahre ich mehr über CWE-532?

MITRE veröffentlicht die kanonische Definition unter https://cwe.mitre.org/data/definitions/532.html. Für ergänzende Hinweise kannst du auch die OWASP- und NIST-Dokumentation heranziehen.

Verwandte Schwachstellen

Weaknesses related to CWE-532

CWE-538 Parent

Insertion of Sensitive Information into Externally-Accessible File or Directory

This vulnerability occurs when an application unintentionally stores confidential data—like passwords, API keys, or personal user…

CWE-540 Sibling

Inclusion of Sensitive Information in Source Code

This vulnerability occurs when sensitive information like passwords, API keys, or internal logic is exposed within source code that…

CWE-651 Sibling

Exposure of WSDL File Containing Sensitive Information

This vulnerability occurs when a Web Service Definition Language (WSDL) file, which acts as a public blueprint for a web service, is…

Ressourcen

Further reading

Bereit, wenn du es bist

Schluss mit dem Bezahlen pro Entwickler.
Schließ den Kreislauf.

Plexicus ist die KI-native ASPM, die scannt, filtert, fixt, pentestet und erklärt — autonom. Unbegrenzte Entwickler, unbegrenzte Repos, Fair-Use-KI-Aktionen. Echter kostenloser Tarif, €269/mo jährlich, wenn du bereit bist.

Kostenlos starten Demo buchen