CWE-534
4 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-534page 1 of 1
- CVE-2017-11398HIGHCVSS 8.82018-01-19
A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an unauthenticated attacker to hijack active user sessions to perform authenticated requests on a v…
- CVE-2020-2004MEDIUMCVSS 6.8EG 6.82020-05-13
Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as GlobalProtect Agent) for MacOS and Windows. For this…
- CVE-2021-3037LOWCVSS 2.3EG 2.32021-04-20
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Logged information includes the cleartext user…
- CVE-2023-5028LOWCVSS 2.0EG 2.02023-09-17
A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4.16L.04_CT2015_Yueme. Affected by this issue is some unknown functionality. The manipulation leads to information exposure through debug log fi…
Map vulnerabilities like CWE-534 to your infrastructure
EchelonGraph correlates every CVE — across CWE-534 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →