Описание
If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts.
Ссылки
- Release Notes
- MitigationVendor Advisory
- Release Notes
- MitigationVendor Advisory
Уязвимые конфигурации
EPSS
4.6 Medium
CVSS3
9.1 Critical
CVSS3
Дефекты
Связанные уязвимости
If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect and send those logs to Elasticsearch, then Elastic Agent API keys can be viewed in Elasticsearch in plaintext. These API keys could be used to write arbitrary data and read Elastic Endpoint user artifacts.
Уязвимость программного средства для защиты конечных точек Elastic Endpoint, связанная с недостаточной защитой регистрационных данных, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
4.6 Medium
CVSS3
9.1 Critical
CVSS3