Severity: Medium

Description: When using passwords within a macro definition or as macro variables, their values are exposed in the logs if you enabled one or more of the following options: MPRINT, MLOGIC, and SYMBOLGEN. This issue occurs when you use the syntax of keyword=password within the macro definition. This issue occurs in all releases of SAS 9.4.

Potential Impact: Passwords are displayed in the log that can be seen by anyone, which could create a security risk.