Cyber News

Insertion of sensitive information into REST API logs

09/12/2025

CVSSv3 Score: 6.3

An insertion of sensitive information into log file vulnerability [CWE-532] in FortiOS, FortiProxy, FortiPAM and FortiSRA may allow a read-only administrator to retrieve API tokens of other administrators via observing REST API logs, if REST API logging is enabled (non-default configuration).

Revised on 2025-12-09 00:00:00

– Read more

Monday	08:00 - 17:00
Tuesday	08:00 - 17:00
Wednesday	08:00 - 17:00
Thursday	08:00 - 17:00
Friday	08:00 - 17:00

Insertion of sensitive information into REST API logs

Latest article

How to get started with security response automation on AWS

I’m locked in!

Exposed Open Directory Leaks BYOB Framework Across Windows, Linux, and macOS

Identitäten im Fokus von Cyberkriminellen

EDITOR PICKS

How to get started with security response automation on AWS

I’m locked in!

Exposed Open Directory Leaks BYOB Framework Across Windows, Linux, and macOS

POPULAR POSTS

Threats to users of adult websites in 2018

The World’s Most Popular Coding Language Happens to be Most Hackers’...

IT threat evolution Q2 2019

POPULAR CATEGORY

How to get started with security response automation on AWS

I’m locked in!

Exposed Open Directory Leaks BYOB Framework Across Windows, Linux, and macOS