#VU80623 Inclusion of Sensitive Information in Log Files in Elasticsearch - CVE-2023-31417

Published: September 11, 2023


Vulnerability identifier: #VU80623
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-31417
CWE-ID: CWE-532
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
Elasticsearch
Software vendor:
Elastic Stack

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists because the software can include sensitive information in audit log files when certain deprecated API URIs are used. A local user with access to the application's logs can obtain potentially sensitive information, such as passwords and tokens, in clear text.

Note that audit logging is disabled by default and needs to be explicitly enabled.
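The description above concerns credentials that end up in audit log files in clear text. As an added example (not Elastic's code and not part of this advisory), the Python below triages constructed audit-log lines for credential-like parameters in the request URL and body and redacts them before the lines are shared or retained; the field names `url.path`, `url.query` and `request.body` are assumed from the Elasticsearch JSON audit log layout and should be checked against real files.

```python
import json
import re

# Audit-event fields that may carry a request URL or body. Names follow the Elasticsearch
# JSON audit log layout; treat them as an assumption and verify against your own log files.
AUDIT_FIELDS = ("url.path", "url.query", "request.body")
# Parameter names that usually hold credentials (constructed list, extend as needed).
SENSITIVE_KEYS = re.compile(r"password|passwd|token|api_key|secret", re.IGNORECASE)
# key=value in a query string, or "key":"value" inside a JSON request body.
PARAM_RE = re.compile(r'(?P<key>[A-Za-z_.\-]+)"?\s*[=:]\s*"?(?P<val>[^&"\s,}]+)')

def find_credentials(text):
    """Return (key, value) pairs in text whose key looks credential-like."""
    return [(m.group("key"), m.group("val"))
            for m in PARAM_RE.finditer(text or "")
            if SENSITIVE_KEYS.search(m.group("key"))]

def redact(text):
    """Replace the value of every credential-like key in text with [REDACTED]."""
    def _sub(m):
        if not SENSITIVE_KEYS.search(m.group("key")):
            return m.group(0)
        return m.group(0)[: m.start("val") - m.start()] + "[REDACTED]"
    return PARAM_RE.sub(_sub, text or "")

def scan_audit_line(line):
    """Map each audit field of one JSON event to the credentials found in it."""
    try:
        event = json.loads(line)
    except json.JSONDecodeError:
        return {}  # not a JSON audit event: skip it rather than guess
    hits = {f: find_credentials(event.get(f, "")) for f in AUDIT_FIELDS}
    return {f: h for f, h in hits.items() if h}

def redact_audit_line(line):
    """Return the event re-serialised with credential values removed."""
    event = json.loads(line)
    for field in AUDIT_FIELDS:
        if field in event:
            event[field] = redact(event[field])
    return json.dumps(event)

# Constructed sample events, not real Elasticsearch output.
SAMPLE_LOG = [
    '{"type":"audit","event.action":"authentication_success","url.path":"/_security/user/jdoe/_password","url.query":"pretty=true"}',
    '{"type":"audit","event.action":"authentication_success","url.path":"/_xpack/security/user/jdoe/_password","request.body":"{\\"password\\":\\"Sup3rS3cret!\\"}"}',
    '{"type":"audit","event.action":"authentication_failed","url.path":"/_search","url.query":"token=eyJhbGciOi.example&pretty=true"}',
]
```

Run `scan_audit_line` over each line of a suspect audit file to find events that need redaction; `redact_audit_line` produces the sanitised copy.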


Remediation

Install updates from the vendor's website.

External links