CVE-2023-46668

Published: Oct 26, 2023Modified: Nov 21, 2024

9.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploitability: 3.9 / Impact: 5.2

Source: NVD

Description

If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts.

Affected (1)

Products: Elastic: Endpoint

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Elastic Endpoint	From 7.9.0 to 8.10.3

Related CWEs

Insertion of Sensitive Information into Log File

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

References (4)

https://discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203

Source: security@elastic.co

Release Notes

https://www.elastic.co/community/security

Source: security@elastic.co

MitigationVendor Advisory

https://discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203

Source: af854a3a-2127-422b-91ae-364da2661108

Release Notes

https://www.elastic.co/community/security

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

Timeline

No history available yet.