Linux Distros Unpatched Vulnerability : CVE-2023-31417

🗓️ 03 Sep 2025 00:00:00Reported by TenableType

An unpatched CVE-2023-31417 may expose passwords and tokens in Elasticsearch audit logs via deprecated API URIs.

Reporter	Title	Published	Views	Family All 24
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Elasticsearch affect watsonx.data	3 Sep 202421:02	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Elasticsearch affect watsonx.data	16 Sep 202417:08	–	ibm
IBM Security Bulletins	Security Bulletin: Netcool Operations Insights 1.6.13 addresses multiple security vulnerabilities.	31 Jul 202411:01	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable multiple Elasticsearch vulnerabilities.	5 Feb 202420:08	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for November 2023.	26 Mar 202504:08	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in elasticsearch-7.10.2.jar	5 Sep 202421:54	–	ibm
Circl	CVE-2023-31417	26 Oct 202322:16	–	circl
CNNVD	Elasticsearch Log Information Disclosure Vulnerability	26 Oct 202300:00	–	cnnvd
CVE	CVE-2023-31417	26 Oct 202317:47	–	cve
Cvelist	CVE-2023-31417 Elasticsearch Insertion of sensitive information in audit logs	26 Oct 202317:47	–	cvelist

Source	Link
ubuntu	www.ubuntu.com/security/CVE-2023-31417
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(260964);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/09/03");

  script_cve_id("CVE-2023-31417");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2023-31417");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - Elasticsearch generally filters out sensitive information and credentials before logging to the audit log.
    It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated
    URIs for APIs. The impact of this flaw is that sensitive information such as passwords and tokens might be
    printed in cleartext in Elasticsearch audit logs. Note that audit logging is disabled by default and needs
    to be explicitly enabled and even when audit logging is enabled, request bodies that could contain
    sensitive information are not printed to the audit log unless explicitly configured. (CVE-2023-31417)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2023-31417");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-31417");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/10/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/09/03");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:elasticsearch");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Ubuntu Linux-16.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "elasticsearch"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

03 Sep 2025 00:00Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.14.1 - 4.4

EPSS0.0006