
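CWE-778 Insufficient Logging: Vulnerability List (21)

A summary of 21 CVEs in the CWE-778 Insufficient Logging weakness class, with AI-generated analysis in Chinese.

CWE-778 is an insufficient-logging weakness: when a security-critical event occurs, the system either fails to record it or omits key details. Attackers often exploit this gap to hide malicious activity such as brute-force login attempts, evading detection and hindering post-incident forensic analysis. Developers should record the key context of every security event, use centralized log management, and regularly review log integrity to preserve traceability and threat-detection capability.

MITRE CWE Official Description
CWE: CWE-778 Insufficient Logging
When a security-critical event occurs, the product either does not record the event or omits important details about the event when logging it. If security-critical events such as failed login attempts are not logged properly, malicious behavior becomes harder to detect and forensic analysis may be hindered after an attack succeeds. As organizations adopt cloud storage resources, these technologies often require configuration changes to enable detailed logging information, since detailed logging can incur additional costs. This could lead to telemetry gaps in critical audit logs. For example, in Azure, the default value for logging is disabled.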
Common Consequences (1)
Non-Repudiation: Hide Activities
If security critical information is not recorded, there will be no trail for forensic analysis and discovering the cause of problems or the source of attacks may become more difficult or impossible.
Mitigations (4)
Architecture and Design: Use a centralized logging mechanism that supports multiple levels of detail.
Implementation: Ensure that all security-related successes and failures can be logged. When storing data in the cloud (e.g., AWS S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to enable and capture detailed logging information.
Operation: Be sure to set the level of logging appropriately in a production environment. Sufficient data should be logged to enable system administrators to detect attacks, diagnose errors, and recover from attacks. At the same time, logging too much data (CWE-779) can cause the same problems, including unexpected costs when using a cloud environment.
Operation: To enable storage logging using Azure's Portal, navigate to the name of the Storage Account, locate the Monitoring (CLASSIC) section, and select Diagnostic settings (classic). For each of the various properties (blob, file, table, queue), ensure the status is properly set for the desired logging data. If using PowerShell, the Set-AzStorageServiceLoggingProperty command could be called using appropriat…
Code Examples (2)
The example below shows a configuration for the service security audit feature in the Windows Communication Foundation (WCF).
Bad · XML

    <system.serviceModel>
      <behaviors>
        <serviceBehaviors>
          <behavior name="NewBehavior">
            <serviceSecurityAudit auditLogLocation="Default"
                                  suppressAuditFailure="false"
                                  serviceAuthorizationAuditLevel="None"
                                  messageAuthenticationAuditLevel="None" />
            ...
    </system.serviceModel>

Good · XML

    <system.serviceModel>
      <behaviors>
        <serviceBehaviors>
          <behavior name="NewBehavior">
            <serviceSecurityAudit auditLogLocation="Default"
                                  suppressAuditFailure="false"
                                  serviceAuthorizationAuditLevel="SuccessAndFailure"
                                  messageAuthenticationAuditLevel="SuccessAndFailure" />
            ...
    </system.serviceModel>
In the following Java example the code attempts to authenticate the user. If the login fails a retry is made. Proper restrictions on the number of login attempts are of course part of the retry functionality. Unfortunately, the failed login is not recorded and there would be no record of an adversary attempting to brute force the program.
Bad · Java

    if (LoginUser()) {
        // Login successful
        RunProgram();
    } else {
        // Login unsuccessful
        LoginRetry();
    }

Good · Java

    if (LoginUser()) {
        // Login successful
        log.warn("Login by user successful.");
        RunProgram();
    } else {
        // Login unsuccessful
        log.warn("Login attempt by user failed, trying again.");
        LoginRetry();
    }
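
The Java snippet above logs that a login failed but not who tried or from where, which is the "omits important details" half of CWE-778. The following is an added example, not code from this page or from MITRE, that records the user, source address, outcome and consecutive-failure count for each attempt. The class name `AuditedLogin`, the stubbed `checkCredentials`, the `key=value` field names and the threshold of 5 are assumptions made for illustration.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.logging.Logger;

public class AuditedLogin {
    // java.util.logging's default formatter adds the timestamp to every record.
    private static final Logger AUDIT = Logger.getLogger("security.audit");
    private static final int ALERT_THRESHOLD = 5; // assumed value
    private final Map<String, Integer> failures = new ConcurrentHashMap<>();

    // Hypothetical stand-in for the page's LoginUser(); a real check verifies a password hash.
    private boolean checkCredentials(String user, char[] password) {
        return "alice".equals(user) && "correct horse".equals(new String(password));
    }

    // Replace control characters and quotes so user-supplied input cannot forge log lines.
    static String clean(String s) {
        return s == null ? "-" : s.replaceAll("[\\p{Cntrl}\"]", "_");
    }

    public boolean login(String user, String sourceIp, char[] password) {
        String key = user + "|" + sourceIp;
        if (checkCredentials(user, password)) {
            Integer prior = failures.remove(key);
            AUDIT.info(String.format("event=login outcome=success user=\"%s\" src=%s prior_failures=%d",
                    clean(user), clean(sourceIp), prior == null ? 0 : prior));
            return true;
        }
        int count = failures.merge(key, 1, Integer::sum);
        // Record who, from where and how often; the password itself is never logged.
        String record = String.format("event=login outcome=failure user=\"%s\" src=%s consecutive_failures=%d",
                clean(user), clean(sourceIp), count);
        if (count >= ALERT_THRESHOLD) {
            AUDIT.severe(record + " alert=repeated_failures");
        } else {
            AUDIT.warning(record);
        }
        return false;
    }

    public static void main(String[] args) {
        AuditedLogin auth = new AuditedLogin();
        for (int i = 0; i < 6; i++) { // constructed sample: six wrong guesses from one source
            auth.login("alice", "203.0.113.7", ("guess" + i).toCharArray());
        }
        auth.login("alice\nevent=login outcome=success", "203.0.113.7", "x".toCharArray());
        auth.login("alice", "198.51.100.4", "correct horse".toCharArray());
    }
}
```

The in-memory counter is unbounded and per-process; in production the counting and alerting belong in the centralized logging mechanism that the mitigations call for.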
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32803 | Dell PowerScale OneFS multiple versions insufficient logging vulnerability — PowerScale OneFS | 3.3 | Low | 2026-05-08 |
| CVE-2026-3494 | MCP MariaDB Server security vulnerability — MariaDB Server | 4.3 | Medium | 2026-03-03 |
| CVE-2026-25598 | Harden-Runner security vulnerability — harden-runner | 5.3 (AI) | Medium (AI) | 2026-02-09 |
| CVE-2026-22279 | Dell PowerScale OneFS security vulnerability — PowerScale OneFS | 4.3 | Medium | 2026-01-22 |
| CVE-2025-66552 | Nextcloud Server security vulnerability — security-advisories | 4.3 | Medium | 2025-12-05 |
| CVE-2025-53498 | Wikimedia Mediawiki - AbuseFilter Extension security vulnerability — Mediawiki - AbuseFilter Extension | 5.3 (AI) | Medium (AI) | 2025-07-07 |
| CVE-2025-32967 | OpenEMR security vulnerability — openemr | 5.4 | Medium | 2025-05-23 |
| CVE-2025-2562 | Devolutions Remote Desktop Manager security vulnerability — Remote Desktop Manager | 8.8 (AI) | High (AI) | 2025-03-26 |
| CVE-2024-10863 | OpenText Secure Content Manager security vulnerability — Secure Content Manager | 5.3 | - | 2024-11-22 |
| CVE-2024-48967 | Baxter Life2000 security vulnerability — Life2000 Ventilation System | 10.0 | Critical | 2024-11-14 |
| CVE-2024-2291 | Progress MOVEit Transfer security vulnerability — MOVEit Transfer | 4.3 | Medium | 2024-03-20 |
| CVE-2024-24901 | Dell PowerScale OneFS security vulnerability — PowerScale OneFS | 3.0 | Low | 2024-03-04 |
| CVE-2023-1995 | Hitachi HiRDB Server security vulnerability — HiRDB Server | 5.3 | Medium | 2023-08-29 |
| CVE-2022-30305 | Fortinet FortiSandbox security vulnerability — FortiSandbox | 3.6 | Low | 2022-12-06 |
| CVE-2022-31120 | Nextcloud security vulnerability — security-advisories | 2.1 | Low | 2022-08-04 |
| CVE-2022-25783 | Secomea GateManager security vulnerability — GateManager | 4.3 | Medium | 2022-05-04 |
| CVE-2021-33689 | SAP NetWeaver AS security vulnerability — SAP NetWeaver AS JAVA (Administrator applications) | 4.3 | - | 2021-07-14 |
| CVE-2021-32680 | Nextcloud security vulnerability — security-advisories | 3.3 | Low | 2021-07-12 |
| CVE-2019-19277 | Siemens SIPORT MP security vulnerability — SIPORT MP | 6.5 | - | 2020-03-10 |
| CVE-2019-19295 | Siemens SiNVR 3 Central Control Server and SiNVR 3 Video Server security vulnerability — Control Center Server (CCS) | 4.3 | Medium | 2020-03-10 |
| CVE-2019-7613 | Elasticsearch Winlogbeat input validation error vulnerability — Logstash | 5.3 | - | 2019-03-25 |

CWE-778 (Insufficient Logging) is a common weakness category; this platform lists 21 CVEs associated with it.