CVE-2024-48852

MEDIUM Year: 2024
CVSS v3 Score
9.4
Critical
Weakness Type
CWE-532
View all →

Vulnerability Description

Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access. This issue affects FLXEON through <= 9.3.4.

Related Vulnerabilities

CVE-2025-22275

CRITICAL
CVSS:9.3(Critical)

iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ss...

CWE-5322025

CVE-2021-22533

CRITICAL
CVSS:9.1(Critical)

Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenTextâ„¢ eDirectory 9.2.4.0000.

CWE-5322021

CVE-2023-36649

CRITICAL
CVSS:9.1(Critical)

Insertion of sensitive information in the centralized (Grafana) logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate other users in web management and the REST API by ...

CWE-5322023

CVE-2023-46668

CRITICAL
CVSS:9.1(Critical)

If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect a...

CWE-5322023

CVE-2016-8233

CRITICAL
CVSS:9.8(Critical)

Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may contain user credentials in a non-secure, clear text form that could be viewed by a non-privileged user.

CWE-5322016

CVE-2017-1000171

CRITICAL
CVSS:9.8(Critical)

Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to the Mahara access log in plain text.

CWE-5322017