CVE-2024-37286
published 2024-08-03CVE-2024-37286: APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document…
PriorityP433medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.44%
35.0th percentile
APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively logged.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | apm_server | < 8.14.0 | 8.14.0 |
| github.com | elastic_apm-server | >= 0 < 8.14.0 | 8.14.0 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
APM Server vulnerable to Insertion of Sensitive Information into Log File in github.com/elastic/apm-server
osv·2024-08-06
CVE-2024-37286 APM Server vulnerable to Insertion of Sensitive Information into Log File in github.com/elastic/apm-server
APM Server vulnerable to Insertion of Sensitive Information into Log File in github.com/elastic/apm-server
APM Server vulnerable to Insertion of Sensitive Information into Log File in github.com/elastic/apm-server.
NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.
(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)
The additional affected modules and versions are: github.com/elastic/apm-server before v8.14.0.
GHSA
APM Server vulnerable to Insertion of Sensitive Information into Log File
ghsa·2024-08-03
CVE-2024-37286 [MEDIUM] CWE-532 APM Server vulnerable to Insertion of Sensitive Information into Log File
APM Server vulnerable to Insertion of Sensitive Information into Log File
APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively logged.
OSV
APM Server vulnerable to Insertion of Sensitive Information into Log File
osv·2024-08-03
CVE-2024-37286 [MEDIUM] APM Server vulnerable to Insertion of Sensitive Information into Log File
APM Server vulnerable to Insertion of Sensitive Information into Log File
APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively logged.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-08-03
Published