- Description
- Sensitive data exposure via logging in basic-auth leads to plaintext usernames and passwords being written to error logs and forwarded to log sinks when the log level is INFO/DEBUG. This creates a high risk of credential compromise through log access. It has been fixed in the following commit: https://github.com/apache/apisix/pull/12629. Users are recommended to upgrade to version 3.14, which fixes this issue.
- Source
- security@apache.org
- NVD status
- Analyzed
- Products
- apisix
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
- security@apache.org
- CWE-532
- Hype score
- Not currently trending
CVE-2025-62232 Sensitive data exposure via logging in basic-auth leads to plaintext usernames and passwords written to error logs and forwarded to log sinks when log level is INFO/D… https://t.co/egwsChogNf
@CVEnew
31 Oct 2025
CVE-2025-62232 CVE-2025-62232 https://t.co/ftRdbF157J
@VulmonFeeds
30 Oct 2025
CVE-2025-62232: Apache APISIX: APISIX basic-auth logs plaintext credentials at info level https://t.co/fL3UHT5lje logging in basic-auth leads to plaintext usernames and passwords written to error logs and forwarded to log sinks when log level is INFO/DEBUG
@oss_security
30 Oct 2025
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "16698AAC-0684-4279-8BB8-09EC98C14F79",
            "versionEndExcluding": "3.14.0",
            "versionStartIncluding": "1.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]