Описание
A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.
Ссылки
- Release NotesVendor Advisory
- Product
- Release NotesVendor Advisory
- Product
Уязвимые конфигурации
Конфигурация 1Версия до 3.1.1 (исключая)
cpe:2.3:a:elastic:elastic_cloud_enterprise:*:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00237
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-532
CWE-532
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
A flaw was discovered in ECE before 3.1.1 that could lead to the disclosure of the SAML signing private key used for the RBAC features, in deployment logs in the Logging and Monitoring cluster.
EPSS
Процентиль: 47%
0.00237
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-532
CWE-532