azure-iot-sdk-java is vulnerable to information disclosure. Confidential information such as usernames are written to log files which would allow an attacker to retrieve such information if the log files are exposed, and perform further attacks against other users or the system.