CVE-2025-24389

MEDIUM Year: 2025
CVSS v3 Score
6.3
Medium
Weakness Type
CWE-532
View all →

Vulnerability Description

Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system administrator. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * ((OTRS)) Community Edition: 6.0.x Products based on the ((OTRS)) Community Edition also very likely to be affected

Related Vulnerabilities

CVE-2023-29002

MEDIUM
CVSS:6.3(Medium)

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the `cilium-secrets` namespace. This could include da...

CWE-5322023

CVE-2023-4380

MEDIUM
CVSS:6.3(Medium)

A logic flaw exists in Ansible Automation platform. Whenever a private project is created with incorrect credentials, they are logged in plaintext. This flaw allows an attacker to retrieve the credent...

CWE-5322023

CVE-2024-39532

MEDIUM
CVSS:6.3(Medium)

An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to access sensitive info...

CWE-5322024

CVE-2017-5137

MEDIUM
CVSS:6.2(Medium)

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could request and download the SMS logs from an unauthenticated perspective.

CWE-5322017

CVE-2021-20536

MEDIUM
CVSS:6.2(Medium)

IBM Spectrum Protect Plus File Systems Agent 10.1.6 and 10.1.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 198836.

CWE-5322021

CVE-2023-40694

MEDIUM
CVSS:6.2(Medium)

IBM Watson CP4D Data Stores 4.0.0 through 4.8.4 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 264838.

CWE-5322023