Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/27 12:0 a.m.8 views

Elastic APM Server 8.x < 8.16.1 Information Disclosure (ESA-2024-41)

The version of Elastic APM Server installed on the remote host is 8.x prior to 8.16.1. It is, therefore, affected by an information disclosure vulnerability: - APM server logs could contain parts of the document body from a partially failed bulk index request. Depending on the nature of the...

5.7CVSS6.2AI score0.00223EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/03 12:0 a.m.6 views

Elastic APM Server 安全漏洞

Elastic APM Server is a lightweight Agent from the Dutch company Elastic. A security vulnerability exists in Elastic APM Server versions prior to 8.14.0, which stems from the server recording error logs that inadvertently record sensitive information, leading to a data leak...

6.5CVSS5.6AI score0.00437EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/02/19 12:0 a.m.4 views

The vulnerability of the server-based software for monitoring and analyzing application performance, Elastic APM Server, arises from the ability to disclose information through registration files, allowing attackers to compromise the confidentiality of protected information.

The vulnerability of the server-based software for monitoring and analyzing application performance, Elastic APM Server, is related to the disclosure of information through registration files. Exploiting this vulnerability can allow attackers to compromise the confidentiality of the protected...

5.7CVSS6.6AI score0.00577EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/23 12:0 a.m.6 views

Vulnerabilities include agents for data collection and delivery in Elasticsearch or Logstash Elastic Beats, agents for collecting metrics in Elastic Agent, server software for monitoring and analyzing application performance in Elastic APM Server, server software for managing agents in Elastic Fleet Server. Issues also involve errors in the TLS certificate validation process, allowing attackers to establish connections with invalid server certificates.

The vulnerability affects agents for data collection and delivery in Elasticsearch or Logstash Elastic Beats, agents for collecting metrics in Elastic Agent, server software for monitoring and analyzing application performance in Elastic APM Server, and server software for managing agents in...

5.9CVSS7.2AI score0.0027EPSS
Exploits0References5Affected Software4
Kitploit
Kitploit
added 2019/12/13 9:28 p.m.297 views

Dsiem - Security Event Correlation Engine For ELK Stack

Dsiem is a security event correlation engine for ELK stack, allowing the platform to be used as a dedicated and full-featured SIEM system. Dsiem provides OSSIM-style correlation for normalized logs/events, perform lookup/query to threat intelligence and vulnerability information sources, and...

6.8AI score
Exploits0References7
Rows per page
Query Builder