Main Vulnerability Database Vulnerabilities #VU80899

Inclusion of Sensitive Information in Log Files in Kibana - CVE-2023-31422

Published: September 19, 2023

Vulnerability identifier: #VU80899

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-31422

CWE-ID: CWE-532

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Kibana

Software vendor:
Elastic Stack

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to software stores sensitive information into log files when logging in the JSON layout or when the pattern layout is configured to log the %meta pattern. A local user can read the log files and gain access to sensitive data, such as authentication credentials, cookies, authorization headers, query params, request paths, and other metadata. Some examples of sensitive data which can be included in the logs are account credentials for kibana_system, kibana-metricbeat, or Kibana end-users.

Remediation

Install updates from vendor's website.

External links

https://www.elastic.co/community/security#ESA-2023-17

Inclusion of Sensitive Information in Log Files in Kibana - CVE-2023-31422

Description

Remediation

External links

Please verify you're human