Production log files disclosure

Sensitive information may be present in your production log files.

  • exposure
  • logs

A production log file is created by every request your application makes to the application or system layer. By analysing these files it is possible to reveal some information about the request processing history and the user who made the request.

Impact

An attacker may be able to gather sensitive information about the application, about the environment and about the user who previously used it.

Solution

It is recommended to purge old application logs from your webserver log files.

Was this page helpful?