CVE-2024-23448

An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this could lead to the insertion of sensitive or private information in the APM Server logs.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://discuss.elastic.co/t/apm-server-8-12-1-security-update-esa-2024-03/352688	Vendor Advisory
https://www.elastic.co/community/security	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:elastic:apm_server:*:*:*:*:*:*:*:*

History

15 Feb 2024, 15:39

Type	Values Removed	Values Added
CWE		CWE-532
CPE		cpe:2.3:a:elastic:apm_server::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
First Time		Elastic Elastic apm Server
References	~~() https://www.elastic.co/community/security -~~	() https://www.elastic.co/community/security - Vendor Advisory
References	~~() https://discuss.elastic.co/t/apm-server-8-12-1-security-update-esa-2024-03/352688 -~~	() https://discuss.elastic.co/t/apm-server-8-12-1-security-update-esa-2024-03/352688 - Vendor Advisory

07 Feb 2024, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-02-07 22:15

Updated : 2024-02-28 20:54

NVD link : CVE-2024-23448

Mitre link : CVE-2024-23448

CVE.ORG link : CVE-2024-23448

JSON object : View

Products Affected

elastic

apm_server

CWE

CWE-532

Insertion of Sensitive Information into Log File

{"id": "CVE-2024-23448", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "bressers@elastic.co", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.1}]}, "published": "2024-02-07T22:15:09.987", "references": [{"url": "https://discuss.elastic.co/t/apm-server-8-12-1-security-update-esa-2024-03/352688", "tags": ["Vendor Advisory"], "source": "bressers@elastic.co"}, {"url": "https://www.elastic.co/community/security", "tags": ["Vendor Advisory"], "source": "bressers@elastic.co"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-532"}]}, {"type": "Secondary", "source": "bressers@elastic.co", "description": [{"lang": "en", "value": "CWE-532"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this could lead to the insertion of sensitive or private information in the APM Server logs."}, {"lang": "es", "value": "Se descubri\u00f3 un problema por el cual APM Server pod\u00eda iniciar sesi\u00f3n en el nivel ERROR, una respuesta de Elasticsearch indicaba que la indexaci\u00f3n del documento fall\u00f3 y que esa respuesta contendr\u00eda partes del documento original. Dependiendo de la naturaleza del documento que el servidor APM intent\u00f3 ingerir, esto podr\u00eda dar lugar a la inserci\u00f3n de informaci\u00f3n confidencial o privada en los registros del servidor APM."}], "lastModified": "2024-02-15T15:39:14.317", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:elastic:apm_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "359F4AB6-DD4A-4B8E-B6AE-5879A047E448", "versionEndExcluding": "8.12.1"}], "operator": "OR"}]}], "sourceIdentifier": "bressers@elastic.co"}