Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-779 (日志记录过多数据) — Vulnerability Class 12

12 vulnerabilities classified as CWE-779 (日志记录过多数据). AI Chinese analysis included.

CWE-779 represents a logging weakness where applications record excessive or unnecessary data, creating voluminous log files that obscure critical security events. This flaw is typically exploited by attackers who intentionally trigger high-volume logging to cause denial-of-service conditions through disk space exhaustion or to mask malicious activities within the noise of redundant entries. Consequently, system administrators struggle to detect anomalies, hindering forensic analysis and incident response efforts during an active breach. To avoid this vulnerability, developers must implement strict logging policies that prioritize essential security and operational data while suppressing verbose debug information in production environments. By configuring log levels appropriately and filtering sensitive or redundant data, organizations ensure that logs remain manageable, searchable, and effective for monitoring system health and identifying genuine threats without overwhelming infrastructure resources.

MITRE CWE Description
The product logs too much information, making log files hard to process and possibly hindering recovery efforts or forensic analysis after an attack. While logging is a good practice in general, and very high levels of logging are appropriate for debugging stages of development, too much logging in a production environment might hinder a system administrator's ability to detect anomalous conditions. This can provide cover for an attacker while attempting to penetrate a system, clutter the audit trail for forensic analysis, or make it more difficult to debug problems in a production environment.
Common Consequences (3)
AvailabilityDoS: Resource Consumption (CPU), DoS: Resource Consumption (Other)
Log files can become so large that they consume excessive resources, such as disk and CPU, which can hinder the performance of the system.
Non-RepudiationHide Activities
Logging too much information can make the log files of less use to forensics analysts and developers when trying to diagnose a problem or recover from an attack.
Non-RepudiationHide Activities
If system administrators are unable to effectively process log files, attempted attacks may go undetected, possibly leading to eventual system compromise.
Mitigations (3)
Architecture and DesignSuppress large numbers of duplicate log messages and replace them with periodic summaries. For example, syslog may include an entry that states "last message repeated X times" when recording repeated events.
Architecture and DesignSupport a maximum size for the log file that can be controlled by the administrator. If the maximum size is reached, the admin should be notified. Also, consider reducing functionality of the product. This may result in a denial-of-service to legitimate product users, but it will prevent the product from adversely impacting the entire system.
ImplementationAdjust configurations appropriately when the product is transitioned from a debug state to production.
CVE IDTitleCVSSSeverityPublished
CVE-2026-28718 Acronis Cyber Protect 安全漏洞 — Acronis Cyber Protect 17 7.5 -2026-03-05
CVE-2025-69230 AIOHTTP Vulnerable to Cookie Parser Warning Storm — aiohttp--2026-01-05
CVE-2024-36416 SuiteCRM v4 API Excessive log data DOS — SuiteCRM 8.6 High2024-06-10
CVE-2024-1141 Glance-store: glance store access key logged in debug log level 5.5 Medium2024-02-01
CVE-2022-39874 SAMSUNG Mobile devices 日志信息泄露漏洞 — Samsung Account 4.0 Medium2022-10-07
CVE-2022-31004 Potential secrets being logged to disk in CVE Services — cve-services 7.5 High2022-05-25
CVE-2022-25779 Insufficient scope checks allows adding unrelated audit log entries — GateManager 4.3 Medium2022-05-04
CVE-2022-22291 Samsung telephony 安全漏洞 — Samsung Mobile Devices 5.5 Medium2022-02-11
CVE-2021-25420 Samsung Galaxy Watch PlugIn 日志信息泄露漏洞 — Galaxy Watch PlugIn 5.5 -2021-06-11
CVE-2021-25421 Samsung Mobile Galaxy Watch PlugIn 日志信息泄露漏洞 — Galaxy Watch3 PlugIn 5.5 -2021-06-11
CVE-2021-25422 Samsung Watch Active2 PlugIn 日志信息泄露漏洞 — Watch Active PlugIn 5.5 -2021-06-11
CVE-2021-25423 Samsung Watch Active2 PlugIn 日志信息泄露漏洞 — Watch Active2 PlugIn 5.5 -2021-06-11

Vulnerabilities classified as CWE-779 (日志记录过多数据) represent 12 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.