3 matches found
CVE-2022-23715
A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in the Logging and Monitoring cluster. The affected APIs are PATCH /api/v1/user a...
CVE-2022-23715
CVE-2022-23715 affects Elastic Cloud Enterprise (ECE) prior to 3.4.0. A flaw in the Logging and Monitoring cluster may cause disclosure of sensitive information (e.g., user passwords and Elasticsearch keystore values) in logs. The vulnerable endpoints are PATCH /api/v1/user and PATCH /deployments...
Elastic Cloud Enterprise 3.4.0 Security Update
Elastic Cloud Enterprise Sensitive information disclosure issue ESA-2022-10 A flaw was discovered in ECE before 3.4.0 that might lead to the disclosure of sensitive information such as user passwords and Elasticsearch keystore settings values in logs such as the audit log or deployment logs in th...