CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46667 – Fleet Server Insertion of Sensitive Information into Log File
https://notcve.org/view.php?id=CVE-2023-46667
An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where Agent enrolment tokens are being inserted into the Fleet Server’s log file in plain text. These enrolment tokens could allow someone to enrol an agent into an agent policy, and potentially use that to retrieve other secrets in the policy including for Elasticsearch and third-party services. Alternatively a threat actor could potentially enrol agents to the clusters and send arbitrary events to Elasticsearch. Se descubrió un problema en Fleet Server en versiones >= v8.10.0 y < v8.10.3 donde los tokens de inscripción del agente se insertan en el archivo de registro del Fleet Server en texto plano. Estos tokens de inscripción podrían permitir que alguien inscriba a un agente en una política de agente y potencialmente usarlo para recuperar otros secretos en la política, incluso para Elasticsearch y servicios de terceros. • https://discuss.elastic.co/t/fleet-server-v8-10-3-security-update/344737 https://www.elastic.co/community/security • CWE-532: Insertion of Sensitive Information into Log File •