| Property | Value |
| --- | --- |
| Language | python |
| Severity | medium |
| CWE | CWE-532: Insertion of Sensitive Information into Log File |
| OWASP | A09:2021 - Security Logging and Monitoring Failures |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Low |

Description

Sensitive information like API keys, secrets, credentials, tokens, or passwords is being written to log files through logger statements. Logging such data exposes confidential details that should remain private.
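
The pattern described above, next to two mitigations, as an added example that is not part of this rule's own documentation: the flagged call, a `logging.Filter` that masks secret-looking key/value pairs, and a call that logs a non-sensitive key identifier instead. The regex, the logger names, the `key_id` value and the sample API key are constructed for illustration.

```python
import io
import logging
import re

# Constructed pattern for illustration; extend it to match your own secret formats.
_SECRET_KV = re.compile(
    r"(?i)\b(api[_-]?key|secret|password|passwd|token|authorization)\b(\s*[=:]\s*)(\S+)"
)


class RedactSecretsFilter(logging.Filter):
    """Mask secret-looking key/value pairs before the handler emits the record."""

    def filter(self, record: logging.LogRecord) -> bool:
        # Render the %-style args first so secrets passed as arguments are covered too.
        message = record.getMessage()
        record.msg = _SECRET_KV.sub(r"\1\2[REDACTED]", message)
        record.args = None
        return True


def build_logger(name, stream, redact):
    """Return a logger writing to `stream`, optionally with the redaction filter."""
    logger = logging.getLogger(name)
    logger.handlers.clear()
    logger.propagate = False
    logger.setLevel(logging.INFO)
    handler = logging.StreamHandler(stream)
    if redact:
        handler.addFilter(RedactSecretsFilter())
    logger.addHandler(handler)
    return logger


def demo(redact):
    """Emit the flagged call and the preferred call; return the captured log text."""
    stream = io.StringIO()
    logger = build_logger(f"demo.redact.{redact}", stream, redact)
    api_key = "sk_test_CONSTRUCTED_1234"  # constructed sample value, not a real key
    # Flagged pattern: the secret itself is interpolated into the log message.
    logger.info("calling billing service with api_key=%s", api_key)
    # Preferred: log a non-sensitive identifier for the key, never its value.
    logger.info("calling billing service with key_id=%s", "billing-01")
    return stream.getvalue()


if __name__ == "__main__":
    print(demo(redact=False))
    print(demo(redact=True))
```

The filter is a backstop that only catches the patterns it knows about; the actual fix for a finding is to stop passing the secret to the logger.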

Impact

If log files containing secrets are accessed by unauthorized users or attackers, they can compromise accounts, gain unauthorized system access, or further exploit the application. This can lead to data breaches, service disruption, and loss of trust in the organization.