CWE-532 Base Incompleto Medium likelihood

Insertion of Sensitive Information into Log File

This vulnerability occurs when an application unintentionally writes confidential data, such as passwords or API keys, into its log files.

Definição

What is CWE-532?

This vulnerability occurs when an application unintentionally writes confidential data, such as passwords or API keys, into its log files.
Developers often add logging statements for debugging, but these can accidentally capture sensitive user data or system secrets. When these logs are stored insecurely or with broad permissions, attackers can read them to steal credentials, impersonate users, or gain unauthorized access to internal systems. This is a common oversight that turns a routine troubleshooting tool into a significant security liability. Preventing this requires careful code reviews to sanitize log output and configuring loggers to exclude sensitive fields. While SAST tools can catch the pattern, Plexicus uses AI to suggest the actual code fix—like replacing a sensitive value with a hash or redacting it entirely—saving hours of manual work. Managing this at scale across numerous applications is difficult; an ASPM like Plexicus can help you track and remediate these flaws across your entire software stack.
Vulnerability Diagram CWE-532
Insertion of Sensitive Information into Log Login handler log.info("body: " + body) app.log 11:00 INFO POST /login body: {user:"a", pw:"hunter2"} cookie: session=abc123 card: 4111-1111-1111-1111 11:01 INFO ... Anyone w/ logs SIEM, support, CI Secrets and PII written to logs end up in many systems and people.
Impacto no mundo real

Real-world CVEs caused by CWE-532

  • CVE-2017-9615

    verbose logging stores admin credentials in a world-readable log file

  • CVE-2018-1999036

    SSH password for private key stored in build log

Como os atacantes a exploram

Trajeto do atacante passo a passo

  1. 1

    In the following code snippet, a user's full name and credit card number are written to a log file.

  2. 2

    This code stores location information about the current user:

  3. 3

    When the application encounters an exception it will write the user object to the log. Because the user object contains location information, the user's location is also written to the log.

  4. 4

    In the example below, the method getUserBankAccount retrieves a bank account object from a database using the supplied username and account number to query the database. If an SQLException is raised when querying the database, an error message is created and output to a log file.

  5. 5

    The error message that is created includes information about the database query that may contain sensitive information about the database or query logic. In this case, the error message will expose the table name and column names used in the database. This data could be used to simplify other attacks, such as SQL injection (CWE-89) to directly access the database.

Exemplo de código vulnerável

Vulnerable Java

In the following code snippet, a user's full name and credit card number are written to a log file.

Vulnerável Java 
logger.info("Username: " + usernme + ", CCN: " + ccn);
Exemplo de código seguro

Secure pseudo

Seguro pseudo 
// Validate, sanitize, or use a safe API before reaching the sink.
function handleRequest(input) {
  const safe = validateAndEscape(input);
  return executeWithGuards(safe);
}
What changed: the unsafe sink is replaced (or the input is validated/escaped) so the same payload no longer triggers the weakness.
Lista de verificação de prevenção

How to prevent CWE-532

  • Architecture and Design / Implementation Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
  • Distribution Remove debug log files before deploying the application into production.
  • Operation Protect log files against unauthorized read/write.
  • Implementation Adjust configurations appropriately when software is transitioned from a debug state to production.
Sinais de deteção

How to detect CWE-532

Automated Static Analysis High

Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)

Correção automática do Plexicus

O Plexicus deteta automaticamente o CWE-532 e abre um PR de correção em menos de 60 segundos.

O Codex Remedium analisa cada commit, identifica esta fraqueza exata e entrega um pull request pronto para revisão com o patch. Sem tickets. Sem transferências.

Obter uma demonstração Experimente o Plexicus gratuitamente
Perguntas frequentes

Frequently asked questions

O que é o CWE-532?

This vulnerability occurs when an application unintentionally writes confidential data, such as passwords or API keys, into its log files.

Qual a gravidade do CWE-532?

A MITRE classifica a probabilidade de exploração como Média — a exploração é realista mas normalmente requer condições específicas.

Que linguagens ou plataformas são afetadas pelo CWE-532?

A MITRE não especificou as plataformas afetadas por este CWE — pode aplicar-se à maioria das stacks de aplicações.

Como posso prevenir o CWE-532?

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files. Remove debug log files before deploying the application into production.

Como é que o Plexicus deteta e corrige o CWE-532?

O motor SAST do Plexicus correlaciona a assinatura de fluxo de dados do CWE-532 em cada commit. Quando é encontrada uma correspondência, o nosso agente Codex Remedium abre um PR de correção com o código corrigido, testes e um resumo de uma linha para o revisor.

Onde posso saber mais sobre o CWE-532?

A MITRE publica a definição canónica em https://cwe.mitre.org/data/definitions/532.html. Pode também consultar a documentação da OWASP e do NIST para orientações adjacentes.

Fraquezas relacionadas

Weaknesses related to CWE-532

CWE-538 Pai

Insertion of Sensitive Information into Externally-Accessible File or Directory

This vulnerability occurs when an application unintentionally stores confidential data—like passwords, API keys, or personal user…

CWE-540 Irmão

Inclusion of Sensitive Information in Source Code

This vulnerability occurs when sensitive information like passwords, API keys, or internal logic is exposed within source code that…

CWE-651 Irmão

Exposure of WSDL File Containing Sensitive Information

This vulnerability occurs when a Web Service Definition Language (WSDL) file, which acts as a public blueprint for a web service, is…

Recursos

Further reading

Pronto quando você estiver

Pare de pagar por desenvolvedor.
Comece a fechar o ciclo.

O Plexicus é o ASPM nativo de IA que verifica, filtra, corrige, pentesta e explica — de forma autónoma. Programadores ilimitados, repos ilimitados, ações de IA de utilização justa. Nível gratuito real, €269/mo anual quando estiver pronto.

Começar grátis Reservar uma demo