Accepting user input in log files can result in log forging. For example, if a user enters carriage return and line feed (CRLF) sequences, it may be possible to break a legitimate log entry into two log entries. The second entry can be made intentionally misleading; for instance, it may warn the administrator that a reboot is required to install critical security updates.
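The following added example (not code from the original page) logs the same constructed input with and without neutralization and counts the lines a reader of the log would see. The class `LogForgingDemo`, the in-memory `LOG` list and the helpers `append`, `visibleLines` and `neutralize` are hypothetical names chosen for illustration.

```java
import java.util.ArrayList;
import java.util.List;

public class LogForgingDemo {
    // Stand-in for a log file: one element per appended record (assumption).
    static final List<String> LOG = new ArrayList<>();

    static void append(String record) {
        LOG.add(record);
    }

    // Number of lines an administrator sees when the log is read back.
    static int visibleLines() {
        return String.join("\n", LOG).split("\\R", -1).length;
    }

    // Escape the backslash, CR, LF and every other control or line-separator
    // character so user input can never terminate the current record.
    static String neutralize(String input) {
        StringBuilder sb = new StringBuilder(input.length());
        for (int i = 0; i < input.length(); i++) {
            char c = input.charAt(i);
            if (c == '\\') sb.append("\\\\");
            else if (c == '\r') sb.append("\\r");
            else if (c == '\n') sb.append("\\n");
            else if (Character.isISOControl(c) || c == 0x2028 || c == 0x2029)
                sb.append(String.format("\\u%04x", (int) c));
            else sb.append(c);
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        // Constructed input: a login name carrying CRLF and a misleading entry.
        String user = "guest\r\nWARN: reboot required to install critical security updates";

        // Unsanitized: the single record is read back as two separate entries.
        append("INFO: login failed for " + user);
        System.out.println("unsanitized lines: " + visibleLines());

        // Sanitized: the CRLF is rendered as visible text inside one entry.
        LOG.clear();
        append("INFO: login failed for " + neutralize(user));
        System.out.println("sanitized lines:   " + visibleLines());
        System.out.println(LOG.get(0));
    }
}
```

Escaping rather than deleting the characters keeps the attempted injection visible to whoever reviews the log.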
...
Allowing unvalidated user input to be logged can result in forging of log entries.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
EXC12-J | medium | probable | medium | P8 | L2 |
...