1 vulnerability classified as CWE-533. AI Chinese analysis included.

CWE-533 represents a deprecated information exposure weakness where sensitive data is inadvertently recorded in server log files. Although superseded by the more granular CWE-532, this weakness historically allowed attackers to exploit poorly configured logging mechanisms that captured credentials, session tokens, or personally identifiable information. By accessing these log files through unauthorized means, such as directory traversal or insufficient file permissions, adversaries could harvest critical secrets to facilitate further attacks like session hijacking or privilege escalation. Developers mitigate this risk by implementing strict logging policies that exclude sensitive data fields, ensuring logs contain only necessary operational metrics. Additionally, enforcing robust access controls on log directories and regularly auditing log content helps prevent accidental exposure, thereby maintaining the confidentiality and integrity of stored server information.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-33558 | Apache Kafka, Apache Kafka Clients: Information Exposure Through Network Client Log Output — Apache Kafka | 5.9 (AI) | Medium (AI) | 2026-04-20 |

Vulnerabilities classified as CWE-533 represent 1 CVE. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.