CVE-2023-49921

An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessive logging. This issue only affects users that use Watcher and have a Watch defined that uses the search input and additionally have set the search input’s logger to DEBUG or finer, for example using: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch.xpack.watcher.input, org.elasticsearch.xpack.watcher, or wider, since the loggers are hierarchical.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*
cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*

History

11 Sep 2024, 14:09

Type Values Removed Values Added
References () https://discuss.elastic.co/t/elasticsearch-8-11-2-7-17-16-security-update-esa-2023-29/349179 - () https://discuss.elastic.co/t/elasticsearch-8-11-2-7-17-16-security-update-esa-2023-29/349179 - Vendor Advisory
CPE cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 5.2
v2 : unknown
v3 : 6.5
First Time Elastic elasticsearch
Elastic

26 Jul 2024, 12:38

Type Values Removed Values Added
Summary
  • (es) Elastic descubrió un problema por el cual la entrada de búsqueda de Watcher registraba los resultados de la consulta de búsqueda en el nivel de registro DEBUG. Esto podría provocar que el contenido sin procesar de los documentos almacenados en Elasticsearch se imprima en registros. Elastic lanzó las versiones 8.11.2 y 7.17.16 que resuelven este problema eliminando este registro excesivo. Este problema solo afecta a los usuarios que usan Watcher y tienen un Watch definido que usa la entrada de búsqueda y además han configurado el registrador de la entrada de búsqueda en DEBUG o más fino, por ejemplo usando: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch .xpack.watcher.input, org.elasticsearch.xpack.watcher o más amplio, ya que los registradores son jerárquicos.

26 Jul 2024, 05:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-26 05:15

Updated : 2024-09-11 14:09


NVD link : CVE-2023-49921

Mitre link : CVE-2023-49921

CVE.ORG link : CVE-2023-49921


JSON object : View

Products Affected

elastic

  • elasticsearch
CWE
CWE-532

Insertion of Sensitive Information into Log File