3 matches found
CVE-2023-46667
Fleet Server vulnerability CVE-2023-46667 affects Fleet Server 8.10.0–8.10.2 where enrolment tokens are written in plaintext to log files, potentially enabling unauthorized agent enrolment and access to secrets (Elasticsearch and third‑party services) or arbitrary events. Exploitation is not desc...
CVE-2023-46667 Fleet Server Insertion of Sensitive Information into Log File
An issue was discovered in Fleet Server = v8.10.0 and v8.10.3 where Agent enrolment tokens are being inserted into the Fleet Server’s log file in plain text. These enrolment tokens could allow someone to enrol an agent into an agent policy, and potentially use that to retrieve other secrets in th...
CVE-2023-46667 Fleet Server Insertion of Sensitive Information into Log File
An issue was discovered in Fleet Server = v8.10.0 and v8.10.3 where Agent enrolment tokens are being inserted into the Fleet Server’s log file in plain text. These enrolment tokens could allow someone to enrol an agent into an agent policy, and potentially use that to retrieve other secrets in th...