Lucene search
K

71 matches found

CVE
CVE
added 2025/01/23 7:19 a.m.79 views

CVE-2024-52975

The CVE-2024-52975 issue affects Elastic Fleet Server. Concrete details indicate that policies stored in Fleet Server could contain sensitive information and are logged at INFO/ERROR levels, with exposure depending on enabled integrations. From the Elastic ESA-2024-31 advisory (and related source...

9CVSS6.6AI score0.00269EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/23 12:0 a.m.5 views

Elastic Fleet Server 信息泄露漏洞

Elastic Fleet Server is a component of Elastic Netherlands that connects Elastic Agent to Fleet. A security vulnerability exists in Elastic Fleet Server that stems from queuing policies being logged at the INFO and ERROR log levels, resulting in the exposure of logs that may contain sensitive...

9CVSS6.6AI score0.00269EPSS
Exploits0References2
Elastic
Elastic
added 2025/01/22 3:9 p.m.11 views

Fleet Server 8.15.0 Security Update ( ESA-2024-31)

Fleet Server sensitive information exposure via logs ESA-2024-31 An issue was identified in Fleet Server where Fleet policies that could contain sensitive information were logged on INFO and ERROR log levels. The nature of the sensitive information largely depends on the integrations enabled...

9CVSS6.6AI score0.00269EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/11/18 12:0 a.m.5 views

PT-2024-10386 · Unknown · Fleet Server

Name of the Vulnerable Software and Affected Versions: Fleet Server versions are not explicitly specified in the provided descriptions, but based on the available information, the issue is identified in Fleet Server. Description: An issue was identified in Fleet Server where Fleet policies that...

9CVSS6.8AI score0.00269EPSS
Exploits0References14
OSV
OSV
added 2024/11/14 4:49 p.m.4 views

CVE-2024-37285 Kibana arbitrary code execution via YAML deserialization

A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific Elasticsearch indices privileges...

9.1CVSS7.9AI score0.01257EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/14 4:49 p.m.28 views

CVE-2024-37285 Kibana arbitrary code execution via YAML deserialization

A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific Elasticsearch indices privileges...

9.1CVSS0.01257EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/09/05 12:0 a.m.5 views

PT-2024-5984 · Elastic · Kibana

Name of the Vulnerable Software and Affected Versions: Kibana affected versions not specified Description: A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious us...

9.1CVSS7.6AI score0.01257EPSS
Exploits0References38
OSV
OSV
added 2024/03/06 10:52 a.m.14 views

BIT-ELASTICSEARCH-2021-37937 Elasticsearch privilege escalation

An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server service account...

8.8CVSS8.7AI score0.00714EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/11/23 12:0 a.m.6 views

Vulnerabilities include agents for data collection and delivery in Elasticsearch or Logstash Elastic Beats, agents for collecting metrics in Elastic Agent, server software for monitoring and analyzing application performance in Elastic APM Server, server software for managing agents in Elastic Fleet Server. Issues also involve errors in the TLS certificate validation process, allowing attackers to establish connections with invalid server certificates.

The vulnerability affects agents for data collection and delivery in Elasticsearch or Logstash Elastic Beats, agents for collecting metrics in Elastic Agent, server software for monitoring and analyzing application performance in Elastic APM Server, and server software for managing agents in...

5.9CVSS7.2AI score0.0027EPSS
Exploits0References5Affected Software4
NVD
NVD
added 2023/11/22 2:15 a.m.20 views

CVE-2021-37937

An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server service account...

8.8CVSS0.00714EPSS
Exploits0References2
OSV
OSV
added 2023/11/22 2:15 a.m.5 views

CVE-2021-37937

An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server service account...

8.8CVSS6.8AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/11/22 2:15 a.m.24 views

CVE-2021-37937

An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server service account...

8.8CVSS7.1AI score0.00714EPSS
Exploits0References3
OSV
OSV
added 2023/11/22 2:15 a.m.1 views

UBUNTU-CVE-2021-37937

An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server service account...

8.8CVSS5.8AI score0.00714EPSS
Exploits0References4
CVE
CVE
added 2023/11/22 1:45 a.m.53 views

CVE-2021-37937

CVE-2021-37937 affects Elastic Stack components where API keys created under a Fleet-Server service account could be issued with higher privileges, allowing a compensated service account to escalate to a super-user. Affected: Elasticsearch/Fleet integration in Elastic Stack; Root cause: API key c...

8.8CVSS7.1AI score0.00714EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/11/22 1:45 a.m.30 views

CVE-2021-37937 Elasticsearch privilege escalation

An issue was found with how API keys are created with the Fleet-Server service account. When an API key is created with a service account, it is possible that the API key could be created with higher privileges than intended. Using this vulnerability, a compromised Fleet-Server service account...

5.9CVSS8.9AI score0.00714EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/11/22 12:0 a.m.4 views

PT-2023-12331 · Unknown · Fleet Server

Name of the Vulnerable Software and Affected Versions: Fleet-Server affected versions not specified Description: An issue was found with how API keys are created with the Fleet-Server service account, allowing a compromised Fleet-Server service account to potentially escalate themselves to a...

8.8CVSS8.6AI score0.00714EPSS
Exploits0References9
NVD
NVD
added 2023/10/26 4:15 a.m.27 views

CVE-2023-31421

It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid for the target IP address; however, certificate signature validation is still performed. More specifically, when the client is configured to...

7.5CVSS6.6AI score0.0027EPSS
Exploits0References2
CVE
CVE
added 2023/10/26 3:10 a.m.75 views

CVE-2023-31421

CVE-2023-31421 affects Beats, Elastic Agent, APM Server, and Fleet Server when acting as TLS clients: if configured to connect to an IP address, the client does not validate the server certificate’s IP SAN against that IP, though certificate signature validation runs. This can allow a connection ...

7.5CVSS6.6AI score0.0027EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/26 3:10 a.m.32 views

CVE-2023-31421 Beats, Elastic Agent, APM Server, and Fleet Server Improper Certificate Validation issue

It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid for the target IP address; however, certificate signature validation is still performed. More specifically, when the client is configured to...

5.9CVSS7.7AI score0.0027EPSS
Exploits0References2
NVD
NVD
added 2023/10/26 1:15 a.m.23 views

CVE-2023-46667

An issue was discovered in Fleet Server = v8.10.0 and v8.10.3 where Agent enrolment tokens are being inserted into the Fleet Server’s log file in plain text. These enrolment tokens could allow someone to enrol an agent into an agent policy, and potentially use that to retrieve other secrets in th...

8.1CVSS8AI score0.00473EPSS
Exploits0References2
Rows per page
Query Builder