Lucene search

CVE-2023-31417

🗓️ 26 Oct 2023 18:08:15Reported by GoogleType

osv🔗 osv.dev👁 23 Views

Elasticsearch flaw may expose sensitive info in audit log

Reporter	Title	Published	Views	Family All 16
OSV	Elasticsearch allows insertion of sensitive information into log files when using deprecated URIs	26 Oct 202318:30	–	osv
OSV	BIT-elasticsearch-2023-31417	6 Mar 202410:52	–	osv
Prion	Cross site request forgery (csrf)	26 Oct 202318:15	–	prion
NVD	CVE-2023-31417	26 Oct 202318:15	–	nvd
Cvelist	CVE-2023-31417 Elasticsearch Insertion of sensitive information in audit logs	26 Oct 202317:47	–	cvelist
UbuntuCve	CVE-2023-31417	26 Oct 202300:00	–	ubuntucve
Github Security Blog	Elasticsearch allows insertion of sensitive information into log files when using deprecated URIs	26 Oct 202318:30	–	github
RedhatCVE	CVE-2023-31417	11 Sep 202314:06	–	redhatcve
CVE	CVE-2023-31417	26 Oct 202318:15	–	cve
Veracode	Sensitive Information Disclosure	31 Oct 202306:49	–	veracode

Source	Link
discuss	www.discuss.elastic.co/t/elasticsearch-8-9-2-and-7-17-13-security-update/342479
security	www.security.netapp.com/advisory/ntap-20231130-0006/
elastic	www.elastic.co/community/security

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Oct 2023 18:15Current

6.6Medium risk

Vulners AI Score6.6

CVSS34.4

EPSS0.00064