Description
The product logs too much information, making log files hard to process and possibly hindering recovery efforts or forensic analysis after an attack.
Extended Description
While logging is a good practice in general, and very high levels of logging are appropriate for debugging stages of development, too much logging in a production environment might hinder a system administrator's ability to detect anomalous conditions. This can provide cover for an attacker while attempting to penetrate a system, clutter the audit trail for forensic analysis, or make it more difficult to debug problems in a production environment.
CVE vulnerabilities with CWE-779 (20)
9.8
CVSS
CRITICAL
CVE-2024-36072
pub. 2024-06-27
8.6
CVSS
HIGH
CVE-2024-36416
pub. 2024-06-10
7.5
CVSS
HIGH
CVE-2026-28718
pub. 2026-03-06
7.5
CVSS
HIGH
CVE-2025-8696
pub. 2025-09-10
7.5
CVSS
HIGH
CVE-2024-55628
pub. 2025-01-06
7.5
CVSS
HIGH
CVE-2022-31004
pub. 2022-06-02
5.5
CVSS
MEDIUM
CVE-2024-1141
pub. 2024-02-01
5.5
CVSS
MEDIUM
CVE-2022-22291
pub. 2022-02-11
5.5
CVSS
MEDIUM
CVE-2021-25420
pub. 2021-06-11
5.5
CVSS
MEDIUM
CVE-2021-25421
pub. 2021-06-11
5.5
CVSS
MEDIUM
CVE-2021-25422
pub. 2021-06-11
5.5
CVSS
MEDIUM
CVE-2021-25423
pub. 2021-06-11
5.4
CVSS
MEDIUM
CVE-2026-20209
pub. 2026-05-14
5.4
CVSS
MEDIUM
CVE-2026-20210
pub. 2026-05-14
5.4
CVSS
MEDIUM
CVE-2025-51397
pub. 2025-07-21
5.4
CVSS
MEDIUM
CVE-2025-53636
pub. 2025-07-11
5.4
CVSS
MEDIUM
CVE-2023-23949
pub. 2023-01-26
4.3
CVSS
MEDIUM
CVE-2022-25779
pub. 2022-05-04
4.0
CVSS
MEDIUM
CVE-2022-39874
pub. 2022-10-07
2.7
CVSS
LOW
CVE-2025-69230
pub. 2026-01-06