Elastic Kibana 7.13.0 < 7.17.16, 8.0 < 8.11.2 Information Disclosure (ESA-2023-27)

The version of the Elastic Kibana instance on the remote host is 7.13.0 prior to 7.17.16 or 8.0 prior to 8.11.1. It is, therefore, affected by an information disclosure vulnerability. In the event of an infrequent error returned from an Elasticsearch cluster, in cases where there is user...

CVE-2023-49923

An issue was discovered by Elastic whereby the Documents API of App Search logged the raw contents of indexed documents at INFO log level. Depending on the contents of such documents, this could lead to the insertion of sensitive or private information in the App Search logs. Elastic has released...