CVE-2024-23448 — Log File Information Exposure in APM Server

CWE-532 — Log File Information Exposure5 documents4 sources

Severity

7.5HIGHNVD

CNA5.7

EPSS

0.3%

top 45.11%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Elastic APM Server Github.com Elastic Apm-server

Timeline

PublishedFeb 7

Latest updateJun 28

Description

An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this could lead to the insertion of sensitive or private information in the APM Server logs.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5elastic/apm_server8.12 — 8.12.1

▶NVDelastic/apm_server< 8.12.1

▶Gogithub.com/elastic_apm-server< 8.12.1

🔴Vulnerability Details

OSV

APM Server vulnerable to Insertion of Sensitive Information into Log File in github.com/elastic/apm-server↗2024-06-28

▶

GHSA

APM Server vulnerable to Insertion of Sensitive Information into Log File↗2024-02-08

▶

OSV

APM Server vulnerable to Insertion of Sensitive Information into Log File↗2024-02-08

▶

CVEList

APM Server Insertion of Sensitive Information into Log File↗2024-02-07

▶