5 matches found
Elastic APM Server 8.x < 8.16.1 Information Disclosure (ESA-2024-41)
The version of Elastic APM Server installed on the remote host is 8.x prior to 8.16.1. It is, therefore, affected by an information disclosure vulnerability: - APM server logs could contain parts of the document body from a partially failed bulk index request. Depending on the nature of the...
Elastic APM Server 安全漏洞
Elastic APM Server is a lightweight Agent from the Dutch company Elastic. A security vulnerability exists in Elastic APM Server versions prior to 8.14.0, which stems from the server recording error logs that inadvertently record sensitive information, leading to a data leak...
The vulnerability of the server-based software for monitoring and analyzing application performance, Elastic APM Server, arises from the ability to disclose information through registration files, allowing attackers to compromise the confidentiality of protected information.
The vulnerability of the server-based software for monitoring and analyzing application performance, Elastic APM Server, is related to the disclosure of information through registration files. Exploiting this vulnerability can allow attackers to compromise the confidentiality of the protected...
Vulnerabilities include agents for data collection and delivery in Elasticsearch or Logstash Elastic Beats, agents for collecting metrics in Elastic Agent, server software for monitoring and analyzing application performance in Elastic APM Server, server software for managing agents in Elastic Fleet Server. Issues also involve errors in the TLS certificate validation process, allowing attackers to establish connections with invalid server certificates.
The vulnerability affects agents for data collection and delivery in Elasticsearch or Logstash Elastic Beats, agents for collecting metrics in Elastic Agent, server software for monitoring and analyzing application performance in Elastic APM Server, and server software for managing agents in...
Dsiem - Security Event Correlation Engine For ELK Stack
Dsiem is a security event correlation engine for ELK stack, allowing the platform to be used as a dedicated and full-featured SIEM system. Dsiem provides OSSIM-style correlation for normalized logs/events, perform lookup/query to threat intelligence and vulnerability information sources, and...