Lucene search

ElasticCVELIST:CVE-2023-46667

HistoryOct 26, 2023 - 12:59 a.m.

CVE-2023-46667 Fleet Server Insertion of Sensitive Information into Log File

2023-10-2600:59:36

CWE-532

elastic

www.cve.org

cve-2023-46667

fleet server

sensitive information

log file

agent enrolment

policy

elasticsearch

third-party services

threat actor

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

8.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.6%

JSON

An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where Agent enrolment tokens are being inserted into the Fleet Server’s log file in plain text. These enrolment tokens could allow someone to enrol an agent into an agent policy, and potentially use that to retrieve other secrets in the policy including for Elasticsearch and third-party services. Alternatively a threat actor could potentially enrol agents to the clusters and send arbitrary events to Elasticsearch.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Fleet Server",
    "vendor": "Elastic",
    "versions": [
      {
        "lessThan": "8.10.3",
        "status": "affected",
        "version": "8.10.0",
        "versionType": "semver"
      }
    ]
  }
]

References

discuss.elastic.co/t/fleet-server-v8-10-3-security-update/344737

www.elastic.co/community/security

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

8.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.6%

JSON

Related for CVELIST:CVE-2023-46667