Lucene search
GHSA-99PC-69Q9-JXF2 Elasticsearch allows insertion of sensitive information into log files when using deprecated URIs
Elasticsearch allows insertion of sensitive information into log files using deprecated URIs. Sensitive information such as passwords and tokens might be printed in cleartext in Elasticsearch audit logs. Deprecated `_xpack/security` APIs removed in 8.0.0 and later.
Show more
| Reporter | Title | Published | Views | Family All 17 |
|---|---|---|---|---|
 | CVE-2023-31417 Elasticsearch Insertion of sensitive information in audit logs | 26 Oct 202317:47 | – | cvelist |
 | Cross site request forgery (csrf) | 26 Oct 202318:15 | – | prion |
 | CVE-2023-31417 | 26 Oct 202318:15 | – | nvd |
 | Elasticsearch allows insertion of sensitive information into log files when using deprecated URIs | 26 Oct 202318:30 | – | github |
 | CVE-2023-31417 | 26 Oct 202300:00 | – | ubuntucve |
 | CVE-2023-31417 | 26 Oct 202318:15 | – | osv |
| UBUNTU-CVE-2023-31417 | 26 Oct 202318:15 | – | osv |
| BIT-ELASTICSEARCH-2023-31417 Elasticsearch Insertion of sensitive information in audit logs | 6 Mar 202410:52 | – | osv |
 | CVE-2023-31417 | 11 Sep 202314:06 | – | redhatcve |
 | Sensitive Information Disclosure | 31 Oct 202306:49 | – | veracode |
10
Node
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo26 Oct 2023 18:30Current
4.7Medium risk
Vulners AI Score4.7
CVSS34.1 - 4.4
EPSS0.00038