CVE-2024-23448
published 2024-02-07CVE-2024-23448: An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that…
PriorityP339high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.58%
43.3th percentile
An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this could lead to the insertion of sensitive or private information in the APM Server logs.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | apm_server | < 8.12.1 | 8.12.1 |
| elastic | apm_server | >= 8.12 < 8.12.1 | 8.12.1 |
| github.com | elastic_apm-server | >= 0 < 8.12.1 | 8.12.1 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
APM Server vulnerable to Insertion of Sensitive Information into Log File in github.com/elastic/apm-server
osv·2024-06-28
CVE-2024-23448 APM Server vulnerable to Insertion of Sensitive Information into Log File in github.com/elastic/apm-server
APM Server vulnerable to Insertion of Sensitive Information into Log File in github.com/elastic/apm-server
APM Server vulnerable to Insertion of Sensitive Information into Log File in github.com/elastic/apm-server.
NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.
(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)
The additional affected modules and versions are: github.com/elastic/apm-server before v8.12.1.
GHSA
APM Server vulnerable to Insertion of Sensitive Information into Log File
ghsa·2024-02-08
CVE-2024-23448 [HIGH] CWE-532 APM Server vulnerable to Insertion of Sensitive Information into Log File
APM Server vulnerable to Insertion of Sensitive Information into Log File
An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this could lead to the insertion of sensitive or private information in the APM Server logs.
OSV
APM Server vulnerable to Insertion of Sensitive Information into Log File
osv·2024-02-08
CVE-2024-23448 [HIGH] APM Server vulnerable to Insertion of Sensitive Information into Log File
APM Server vulnerable to Insertion of Sensitive Information into Log File
An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this could lead to the insertion of sensitive or private information in the APM Server logs.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-02-07
Published