Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-46668

If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts.

Published

2023-10-26T00:15:12.150

Last Modified

2024-11-21T08:29:01.693

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.6 (MEDIUM)

Weaknesses

Type: Secondary
CWE-532
Type: Primary
CWE-532

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	elastic	endpoint	≤ 8.10.3	Yes

References

https://discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203 Release Notes ([email protected])
https://www.elastic.co/community/security Mitigation, Vendor Advisory ([email protected])
https://discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203 Release Notes (af854a3a-2127-422b-91ae-364da2661108)
https://www.elastic.co/community/security Mitigation, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)