Clear-text logging of sensitive information¶
ID: js/clear-text-loggingKind: path-problemSecurity severity: 7.5Severity: errorPrecision: highTags: - security - external/cwe/cwe-312 - external/cwe/cwe-359 - external/cwe/cwe-532Query suites: - javascript-code-scanning.qls - javascript-security-extended.qls - javascript-security-and-quality.qls
Click to see the query in the CodeQL repository
If sensitive data is written to a log entry it could be exposed to an attacker who gains access to the logs.
Potential attackers can obtain sensitive user data when the log output is displayed. Additionally that data may expose system information such as full path names, system information, and sometimes usernames and passwords.
Recommendation¶
Sensitive data should not be logged.
Example¶
In the example the entire process environment is logged using `console.info`. Regular users of the production deployed application should not have access to this much information about the environment configuration.
// BAD: Logging cleartext sensitive dataconsole.info(`[INFO] Environment:${JSON.stringify(process.env)}`);
In the second example the data that is logged is not sensitive.
letnot_sensitive_data={a:1,b:2}// GOOD: it is fine to log data that is not sensitiveconsole.info(`[INFO] Some object contains:${JSON.stringify(not_sensitive_data)}`);