Clear-text logging of sensitive informationΒΆ
ID: js/clear-text-logging
Kind: path-problem
Security severity: 7.5
Severity: error
Precision: high
Tags:
- security
- external/cwe/cwe-312
- external/cwe/cwe-359
- external/cwe/cwe-532
Query suites:
- javascript-code-scanning.qls
- javascript-security-extended.qls
- javascript-security-and-quality.qls
Click to see the query in the CodeQL repository
If sensitive data is written to a log entry it could be exposed to an attacker who gains access to the logs.
Potential attackers can obtain sensitive user data when the log output is displayed. Additionally that data may expose system information such as full path names, system information, and sometimes usernames and passwords.
RecommendationΒΆ
Sensitive data should not be logged.
ExampleΒΆ
In the example the entire process environment is logged using `console.info`. Regular users of the production deployed application should not have access to this much information about the environment configuration.
// BAD: Logging cleartext sensitive data
console.info(`[INFO] Environment: ${JSON.stringify(process.env)}`);
In the second example the data that is logged is not sensitive.
let not_sensitive_data = { a: 1, b : 2}
// GOOD: it is fine to log data that is not sensitive
console.info(`[INFO] Some object contains: ${JSON.stringify(not_sensitive_data)}`);