Lucene search

ElasticCVE-2023-46668

HistoryOct 26, 2023 - 12:15 a.m.

CVE-2023-46668

2023-10-2600:15:12

CWE-532

elastic

web.nvd.nist.gov

cve-2023-46668

elastic endpoint

logging level

debug

api keys

security vulnerability

information security

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

8.9

Confidence

High

EPSS

0.001

Percentile

40.9%

JSON

If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts.

Affected configurations

Nvd

Node

elasticendpointRange7.9.0–8.10.3

VendorProductVersionCPE
elasticendpoint*cpe:2.3:a:elastic:endpoint:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
elastic	endpoint	*	cpe:2.3:a:elastic:endpoint::::::::

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Endpoint",
    "vendor": "Elastic",
    "versions": [
      {
        "status": "affected",
        "version": "7.9.0, 8.10.3"
      }
    ]
  }
]

References

discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203

www.elastic.co/community/security

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

8.9

Confidence

High

EPSS

0.001

Percentile

40.9%

JSON

Related for CVE-2023-46668