CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31422 – Kibana Insertion of Sensitive Information into Log File
https://notcve.org/view.php?id=CVE-2023-31422
An issue was discovered by Elastic whereby sensitive information is recorded in Kibana logs in the event of an error. The issue impacts only Kibana version 8.10.0 when logging in the JSON layout or when the pattern layout is configured to log the %meta pattern. Elastic has released Kibana 8.10.1 which resolves this issue. The error object recorded in the log contains request information, which can include sensitive data, such as authentication credentials, cookies, authorization headers, query params, request paths, and other metadata. Some examples of sensitive data which can be included in the logs are account credentials for kibana_system, kibana-metricbeat, or Kibana end-users. • https://discuss.elastic.co/t/kibana-8-10-1-security-update/343287 https://www.elastic.co/community/security • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46667 – Fleet Server Insertion of Sensitive Information into Log File
https://notcve.org/view.php?id=CVE-2023-46667
An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where Agent enrolment tokens are being inserted into the Fleet Server’s log file in plain text. These enrolment tokens could allow someone to enrol an agent into an agent policy, and potentially use that to retrieve other secrets in the policy including for Elasticsearch and third-party services. Alternatively a threat actor could potentially enrol agents to the clusters and send arbitrary events to Elasticsearch. Se descubrió un problema en Fleet Server en versiones >= v8.10.0 y < v8.10.3 donde los tokens de inscripción del agente se insertan en el archivo de registro del Fleet Server en texto plano. Estos tokens de inscripción podrían permitir que alguien inscriba a un agente en una política de agente y potencialmente usarlo para recuperar otros secretos en la política, incluso para Elasticsearch y servicios de terceros. • https://discuss.elastic.co/t/fleet-server-v8-10-3-security-update/344737 https://www.elastic.co/community/security • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46668 – Elastic Endpoint Insertion of Sensitive Information into Log File
https://notcve.org/view.php?id=CVE-2023-46668
If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts. Si Elastic Endpoint (v7.9.0 - v8.10.3) está configurado para usar una opción no predeterminada en la que el nivel de log está configurado explícitamente en debug, y cuando Elastic Agent está configurado simultáneamente para recopilar y enviar esos registros a Elasticsearch, entonces las claves de API del Agente Elastic se pueden ver en Elasticsearch en texto plano. Estas claves API podrían usarse para escribir datos arbitrarios y leer artefactos de usuario de Elastic Endpoint. • https://discuss.elastic.co/t/endpoint-v8-10-4-security-update/345203 https://www.elastic.co/community/security • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2023-31419 – Elasticsearch StackOverflow vulnerability
https://notcve.org/view.php?id=CVE-2023-31419
A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service. Se descubrió una falla en Elasticsearch que afectaba a la API _search y permitía que una cadena de consulta especialmente manipulada provocara un desbordamiento de pila y, en última instancia, una denegación de servicio. • https://github.com/sqrtZeroKnowledge/Elasticsearch-Exploit-CVE-2023-31419 https://github.com/u238/Elasticsearch-CVE-2023-31419 https://discuss.elastic.co/t/elasticsearch-8-9-1-7-17-13-security-update/343297 https://security.netapp.com/advisory/ntap-20231116-0010 https://www.elastic.co/community/security • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31414
https://notcve.org/view.php?id=CVE-2023-31414
Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code execution flaw. An attacker with write access to Kibana yaml or env configuration could add a specific payload that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of the Kibana process. • https://discuss.elastic.co/t/kibana-8-7-1-security-updates/332330 https://www.elastic.co/community/security • CWE-94: Improper Control of Generation of Code ('Code Injection') •