#VU107228 Inclusion of Sensitive Information in Log Files in Azure Local Cluster - CVE-2025-25002
Published: April 8, 2025
Vulnerability identifier: #VU107228
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-25002
CWE-ID: CWE-532
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
Azure Local Cluster
Azure Local Cluster
Software vendor:
Microsoft
Microsoft
Description
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to software stores sensitive information into log files in Azure Local Cluster. An administrator on the local network can read the log files and gain access to sensitive data.
Remediation
Install updates from vendor's website.