Lucene search

[email protected]NVD:CVE-2023-46668

HistoryOct 26, 2023 - 12:15 a.m.

CVE-2023-46668

2023-10-2600:15:12

CWE-532

[email protected]

web.nvd.nist.gov

cve-2023-46668

elasticsearch

api keys

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

40.9%

JSON

If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts.

Affected configurations

Nvd

Node

elasticendpointRange7.9.0–8.10.3

VendorProductVersionCPE
elasticendpoint*cpe:2.3:a:elastic:endpoint:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
elastic	endpoint	*	cpe:2.3:a:elastic:endpoint::::::::

References

discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203

www.elastic.co/community/security

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

40.9%

JSON

Related for NVD:CVE-2023-46668

prion1 vulnrichment1 cvelist1 cve1